Home > F/OSS, Linux, News > Serious Android Flaw

Serious Android Flaw

Just a brief post to direct anyone who has or is considering buying an Android device to an article detailing a rather shocking security glitch. It turns out, probably due to a botched debug code cleanup, that the devices run with a terminal in the background capturing any and all keystrokes!

When the phone booted it started up a command shell as root and sent every keystroke you ever typed on the keyboard from then on to that shell. Thus every word you typed, in addition to going to the foreground application would be silently and invisibly interpreted as a command and executed with superuser privileges. Wow!

Be careful what you type in your text messages or URLs otherwise you might end up with a trashed software stack…

About these ads
  1. Z-man
    November 10, 2008 at 4:15 pm | #1

    They already patched this with RC30

  1. November 12, 2008 at 12:39 am | #1

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: