Android security exploit

Started by Glenn, Nov 06, 2010, 07:47:51

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Glenn

QuoteA security researcher has released proof-of-concept code that exploits a vulnerability in most versions of Google's Android operating system for smartphones.

M.J. Keith of Alert Logic said he released the attack code to expose what he characterized as inadequate patching practices for the open-source mobile platform. Rather than find the underlying bug himself, he searched through a list of documented security flaws for Apple's Safari, which relies on the same Webkit browser engine used in Android. In short order, he had an attack that exploits about two-thirds of the handsets that rely on the OS.

http://www.theregister.co.uk/2010/11/06/android_attack_code/
Glenn
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Rik

Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Simon

I don't think Android ever was.  :(
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

Rik

Where's that carrier pigeon.
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Simon

Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

Glenn

Quote from: Simon on Nov 06, 2010, 11:55:25
I don't think Android ever was.  :(
Going by the way he found the holes, Safari isn't either.
Glenn
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Rik

Quote from: Simon on Nov 06, 2010, 12:11:55
I just ran over it.

Shame on you, I was saving him for lunch. ;D
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Simon

Quote from: Glenn on Nov 06, 2010, 12:15:14
Going by the way he found the holes, Safari isn't either.

It bloody is as far as trying to hack it to change the font size on the iPhone!   ;D
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

Rik

Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Glenn

Quote from: Simon on Nov 06, 2010, 12:18:06
It bloody is as far as trying to hack it to change the font size on the iPhone!   ;D

Email the guy and ask him to hack it for you.  ;)
Glenn
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Simon

Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

Glenn

Glenn
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Simon

Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

Gary

Quote from: Glenn on Nov 06, 2010, 12:15:14
Going by the way he found the holes, Safari isn't either.
Depends how Safari interacts with OSX compared with Webkit on Android I guess, OS X 10.6.5 is coming soon so there may be a new update to Safari anyway, but all smartphones will be targets, Android will have Flash as the most vulnerable I imagine, OSX has its own, Windows has had a IE hole for 600 days now! Nothing is secure, unless you nail it down  ;)
Damned, if you do damned if you don't

Rik

And then, if it's a water container, it just leaks. ;D
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Gary

Damned, if you do damned if you don't