“Researchers have found multiple holes in Android phones’ permissions-based security that would allow a hacker to snatch data, monitor geolocation, send SMS messages, and even eavesdrop on conversations,” Lisa Vaas reports for Naked Security. “A group of security researchers from North Carolina State University found the glitches in eight handsets from HTC, Motorola, Samsung and Google.”
“The glitchy code lies within interfaces and services added by the phone manufacturers to beef up stock firmware from Google,” Vaas reports. “These capability leaks constitute ‘a tangible security weakness for many Android smartphones in the market today,’ they said. And, they added, the snazzier the phone, the buggier the picture, given that the more pre-loaded apps are present, the more likely the gadget is to have explicit capability leaks.”
These are the eight Android smartphones they tested and found to be at risk:
HTC:
* Legend
* EVO 4G
* Wildfire S
Motorola:
* Droid
* Droid X
Samsung:
* Epic 4G
Google:
* Nexus One
* Nexus S
Read more in the full article here.
[Thanks to MacDailyNews Reader “proudy.timms” for the heads up.]
Related articles:
You bank on your pretend iPhone? Are you nuts?! Android malware up 472% since July – November 16, 2011
Android security threats surge with infected ‘Angry Birds’; iPhone and iPad users unaffected – November 15, 2011
Apple’s iOS unaffected by malware as Android exploits surge 76% – August 24, 2011
McAfee: Google’s Android number one in malware – August 23, 2011
Android malware records phone calls; iPhone users unaffected – August 2, 2011
Symantec: Apple iOS offers ‘full protection,’ Google Android ‘little protection’ vs. malware attacks – June 29, 2011
Malware apps spoof Android Market to infect Android phones – June 21, 2011
Google forced to pull several malware-infested apps from Android market – June 8, 2011
Android malware sees explosive growth; even faster than with PCs – April 27, 2011
Virus-laden apps infest Google’s ‘open’ Android platform; iPhone unaffected – March 3, 2011
Security firm warns of new Android trojan that can steal personal information; iPhone unaffected – December 30, 2010
Trojan infects Android smartphones; iPhone unaffected – August 10, 2010
Millions of Android phone users slammed by malicious data theft app – July 29, 2010
Unlike proactive Apple, reactive Google doesn’t block malware from Android app store – June 4, 2010
Malware designed to steal bank information pops up in Google’s Android app store – January 11, 2010
‘Open’ is as ‘open’ does.
Open like leaving the door open from your house for the rest of the people to just come in and see what’s going on. As stupid as that is google seems to think its smart and their fans too they just don’t get it.
What needs to be stressed is these are just the 8 phones they looked at.
No telling how bad other Android phones are.
When you let just anybody into your house, sooner than later, somebody is going to shit on your rug.
Or jack your shit
I just want to understand this, sir. Every time a rug is micturated upon in this fair city, I have to compensate the owner?
Come on, man, I’m not trying to scam anybody here.
You get what you pay for!
Geez, the people with this yawning security hole *PLUS* the Carrier IQ sniffer onboard must feel rather dirty right now.
I sure like my phones to be open . . . open to everyone else, that is.
Open as in buttcheeks.
Now let me get this straight: does this affect Ice Cream Sandwich, or other Android variants, such as Gingerbread, Gooey Jelly-filled Doughnut, Banana Split Sundae or other really stupid names? Android is a train wreck. Every damned time I see the stupid Metro PCS “Get yourself an Android” commercials, I want to vomit.
Android, like Windows, is proof that we live in a world where people have no taste and act like sheep.
I’d second that.
Maybe.
Its software that manufacturers have added to Android on the specific devices.
If they shipped the same software with no changes on an Android 4 device I’d expect the same issues to be there.
“But you’ll have to have them all pulled out after the Savoy Truffle.”
I want the mainstream media, real and fake journalist to bring this news front and center!
Of the millions of phones sold, what percentage of users know how to Root their phone?
This small percentage of savvy consumers are the most vocal at downplaying any threat – they sound almost as passionate as Mac users – and in light if their own safe, small corner of the platform, offer little hope for the other 90-percent, who are left to doubt their choice of phones.
I’d wager 1% to 2% of the users know how to root their phones and a good 1% is a very vocal group who are sold on a philosophy with Android tied to Open Source philosophies.
I like to say I’ve met a few really crazy users from every platform. they can be ‘interesting’ at times, annoying at others. lol.
Android. OMG: What a can of worms. And pity the minions who are taking the bait.
more anti android rants!
I’m not listening anymore!
I’ve got fingers in my ears and humming…
“na na na nah, na na nah… ”
I’m not hearing you…
“na na nah, na na nah… “
“na, na… … ”
aw, sh*t my samsung’s burning a hole in my pants…
@#$%#$#!!!
Legend, Wildfire, Droid, Epic, Nexus.
Are these manufacturers aiming these devices at 14 year olds? These names are so childish. This goofed for the Google Android team too that keeps coming up with stupid release names. Makes wanna puke every time.
The new google phone: Super Epic Mega Droid Sandwich!