Serious Android Flaw
Just a brief post to direct anyone who has or is considering buying an Android device to an article detailing a rather shocking security glitch. It turns out, probably due to a botched debug code cleanup, that the devices run with a terminal in the background capturing any and all keystrokes!
When the phone booted it started up a command shell as root and sent every keystroke you ever typed on the keyboard from then on to that shell. Thus every word you typed, in addition to going to the foreground application would be silently and invisibly interpreted as a command and executed with superuser privileges. Wow!
Be careful what you type in your text messages or URLs otherwise you might end up with a trashed software stack…