Android security exploit

[Glenn]

A security researcher has released proof-of-concept code that exploits a vulnerability in most versions of Google's Android operating system for smartphones.

M.J. Keith of Alert Logic said he released the attack code to expose what he characterized as inadequate patching practices for the open-source mobile platform. Rather than find the underlying bug himself, he searched through a list of documented security flaws for Apple's Safari, which relies on the same Webkit browser engine used in Android. In short order, he had an attack that exploits about two-thirds of the handsets that rely on the OS.

http://www.theregister.co.uk/2010/11/06/android_attack_code/

[Rik]

Is nothing safe anymore. 

[Simon]

I don't think Android ever was. 

[Rik]

Where's that carrier pigeon.

[Simon]

I just ran over it.

[Glenn]

I don't think Android ever was. 

Going by the way he found the holes, Safari isn't either.

[Rik]

I just ran over it.

Shame on you, I was saving him for lunch.

[Simon]

Going by the way he found the holes, Safari isn't either.

It bloody is as far as trying to hack it to change the font size on the iPhone!   

[Rik]

 

[Glenn]

It bloody is as far as trying to hack it to change the font size on the iPhone!   

Email the guy and ask him to hack it for you. 

[Simon]

Who, Steve Jobs?

[Glenn]

The chap in the article

[Simon]

Ah... 

[Gary]

Going by the way he found the holes, Safari isn't either.

Depends how Safari interacts with OSX compared with Webkit on Android I guess, OS X 10.6.5 is coming soon so there may be a new update to Safari anyway, but all smartphones will be targets, Android will have Flash as the most vulnerable I imagine, OSX has its own, Windows has had a IE hole for 600 days now! Nothing is secure, unless you nail it down 

[Rik]

And then, if it's a water container, it just leaks.

[Gary]

And then, if it's a water container, it just leaks.