Security Holes In Google's Android SDK

Redon Buckeye writes "Google's Android software development kit is using several outdated and vulnerable open-source image processing libraries, some of which can be exploited to take complete control of mobile devices running the Android platform. From the article: 'Several vulnerabilities have been found in Android's core libraries for processing graphic content in some of the most used image formats (PNG, GIF, and BMP). While some of these vulnerabilities stem from the use of outdated and vulnerable open source image-processing libraries, other were introduced by native Android code that uses them or that implements new functionality.'"

Re:the point being?

[ajs318]

Except that isn't how Google work. Google only like software being Open Source when it has been written by other people.

Google wouldn't release so much as a single byte of Source Code, if it wasn't for the GPL making them do so. (Where's the Source Code for Picasa? Or Google Earth? Or any of the other "free" [as in, "this dog is free from lice"] software they give away?) In fact, I'm even surprised they're basing Android on Linux and not one of the BSDs. I guess it could just be an image thing, because Linux is much better known.

If Google ever sponsor a GPL project from the ground up, it is only because they want to be able to claim copyright on the code and therefore release it as Caged Software.