More Android Security Concerns

Sue Marquette Poremba
Slide Show

Five Top Mobile Device Risks and How to Protect Your Business

Once again, the security surrounding Google's products is being discussed.

 

On a personal level, I'm always a bit concerned whenever I see any article that combines the phrases "Android" and "Security Threat." I'm one of those people PC World said helped Android climb "to the top of the mobile OS mountain," and I'd really like to be sure that my Android smartphone is secure.

 

PC World attributes Android's success to it being an open platform, but that openness also makes Android more susceptible to risks. And one of those risks right now is the Android Class Loading hijacking, which was discovered by Symantec. The PC World article said:

A Symantec spokesperson explains that the Android Class Loading Hijacking threat resembles a Windows DLL hijacking attack. "It relies on the fact that Android provides APIs that allow an app to dynamically load code to be executed. For example, an application may support plug-ins that are downloaded and then loaded at a later time. Unfortunately, if these plug-ins are stored in an insecure location, this process can be hijacked."

This isn't a problem within the Android OS itself, but with the way some of the Android apps are coded.

 


After I read the article about Symantec's discovery, I saw an article from Reuters warning that the recently released Chrome OS is vulnerable to Internet attacks. Chrome stores information in the cloud, which Google says is safer, according to the article. But that's also what makes it vulnerable. According to Reuters:

Matt Johansen, a researcher with WhiteHat Security, said he identified a flaw in a Chrome OS note-taking application that he exploited to take control of a Google email account. He reported it to Google, which fixed the problem and gave him a $1,000 reward for pointing it out.

Johansen said he has since discovered other applications with the same security flaw. "This is just the tip of the iceberg," he told Reuters. "This is just evolving around us. We can see this becoming a whole new field of malware."

According to the article, Johansen plans to reveal more about the security bugs at the upcoming Black Hat conference in August.



Add Comment      Leave a comment on this blog post
Sep 22, 2011 5:58 AM Suresh Babu Suresh Babu  says:

Android is appreciated for his openness for sure, but then the data integrity should be tackled and the updates should reach the users quickly and effectively to stop the hackers from snatching data or manipulating.

Thanks for the share.

Reply

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

null
null

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.