Security Flaw In Android Web Browser

← Back to Stories (view on slashdot.org)

Security Flaw In Android Web Browser

Posted by timothy on Saturday October 25, 2008 @08:13AM from the more-information-would-be-nice dept.

r writes "The New York Times reports on a security flaw discovered in the new Android phones. The article is light on details, but it hints at a security hole in the browser, allowing for trojans to install themselves in the same security partition as the browser: 'The risk in the Google design, according to Mr. Miller, who is a principal security analyst at Independent Security Evaluators in Baltimore, lies in the danger from within the Web browser partition in the phone. It would be possible, for example, for an intruder to install software that would capture keystrokes entered by the user when surfing to other Web sites. That would make it possible to steal identity information or passwords.'"

59 comments

Min score:

Reason:

Sort:

This would be an easy fix... by Anonymous Coward · 2008-10-25 08:14 · Score: -1, Flamebait

This would be an easy fix if users actually had access to things like source that they could compile themselves on the face. Unfortunately, Android is just as locked down and anti-user as anything by Apple, in spite of Google's "open platform" hype.
1. Re:This would be an easy fix... by Anonymous Coward · 2008-10-25 08:24 · Score: -1, Flamebait
  
  Thank You!
  
  Why is that concept so hard for everybody to grasp?! Did mothafuckas believe they'd be able their own encrypted VPN VoIP applications? Hell NAW, brother!
2. Re:This would be an easy fix... by Anonymous Coward · 2008-10-25 08:24 · Score: 4, Informative
  
  Erm, the entire source code for Android is now available, so yes, you can download it, fix it, compile it, then flash it onto your phone, or maybe a different phone.
3. Re:This would be an easy fix... by Anonymous Coward · 2008-10-25 08:32 · Score: 5, Funny
  
  Did mothafuckas believe they'd be able their own encrypted VPN VoIP applications?
  I think you accidentally a whole verb.
4. Re:This would be an easy fix... by fuzzyfuzzyfungus · 2008-10-25 08:47 · Score: 2, Insightful
  
  You seem to be confusing Android with a particular Android device. Unfortunately, thanks largely to the delightsome world of the telcomms, phones are a disgusting mass of lockdown, including Android ones. OpenMoko excepted.
  
  Android itself is, IIRC, Apache licenced, which certainly qualifies as free software. Unlike GPL3 stuff, though, it does not enforce your freedom on particular devices. It would have been very nice if Android had done that, the world could really use more phones that live up to their computery potential; but I suspect that, had google done so, the response would have been fewer android phones, not freer android phones.
5. Re:This would be an easy fix... by Anonymous Coward · 2008-10-25 08:51 · Score: 0
  
  Did mothafuckas believe they'd be able their own encrypted VPN VoIP applications?
  I think you accidentally a whole verb.
  Not the whole thing!
6. Re:This would be an easy fix... by larry+bagina · 2008-10-25 08:55 · Score: 1
  
  Are you speaking from experience? You flashed android onto a phone (and it works)? Or maybe you're just blowing it out your ass. If it was that simple, nobody would be complaining about tivo.
  
  --
  Do you even lift?
  These aren't the 'roids you're looking for.
7. Re:This would be an easy fix... by davester666 · 2008-10-25 08:55 · Score: 3, Insightful
  
  Are you sure you can flash new firmware onto the G1 based on the source, without the binary needing to be signed by T-Mobile?
  Being able to actually use personal builds doesn't necessary follow from the source being available.
  
  --
  Sleep your way to a whiter smile...date a dentist!
8. Re:This would be an easy fix... by MikaelC · 2008-10-25 09:51 · Score: 3, Informative
  
  Yep. Of course you will probably have to write new device drivers for a different phone. And judging by this comment it seems that the not all of the source for the G1 is available.
9. Re:This would be an easy fix... by Anonymous Coward · 2008-10-25 11:52 · Score: 3, Informative
  
  Actually yes you can, we haven't tried with the G1 yet, but have been putting Android on previous HTC models for quite a bit (even before Android was released)
10. Re:This would be an easy fix... by lysergic.acid · 2008-10-25 14:04 · Score: 2, Insightful
  
  his point is that the troll's blatant flamebaiting:
  
  This would be an easy fix if users actually had access to things like source that they could compile themselves on the face. Unfortunately, Android is just as locked down and anti-user as anything by Apple, in spite of Google's "open platform" hype.
  is untrue.
  users do in fact have access to the source and can compile it themselves. whether your phone is currently supported or has open hardware is a different and unrelated matter. you're flaming him on a completely inapt issue. just because he can't compile the linux kernal himself doesn't mean that it's not open source. or just because my copy of Microsoft Word won't read ODF doesn't mean it's not an open format.
11. Re:This would be an easy fix... by lysergic.acid · 2008-10-25 15:16 · Score: 3, Interesting
  so true. you have to wonder what cellular networks would be like if they were not closed proprietary infrastructure.
  of course there are the obvious things like:
  retail phones with mp3 players would actually let you use mp3s as ringtones, instead of forcing you to buy short, low-quality clips of the same songs from your service carrier at a higher cost than the actual song.
  calls & text messaging rates would correspond to their actual network costs--the same way e-mails, IMs, voice chat, etc. on the internet do not cost anything extra, but are covered by your ISP fees.
  retail phones come with original unrestricted firmware rather than the crippled carrier-rebranded interface that users see.
  but there'd be other less-obvious indirect benefits, such as:
  better nationwide network coverage--since we'd be using open public networks, cellphone towers would have a natural & more even distribution covering all parts of the country rather than having lots of redundant/competing infrastructure consisting of a bunch of small concentrated clumps of cellular coverage in urban areas with lucrative markets and almost no coverage at all in poorer, more sparsely populated areas.
  lower cost of entry to the handset market due to anyone being able to develop devices to use the open networks without carrier approval ($$$). this would lead to more handset makers, meaning lower handset costs & wider selections.
  boundless technological innovation and creativity. being unhampered by the draconian rule of the telecoms over their proprietary networks, anyone and everyone will be free to develop new and useful applications for the network. that is what propelled the internet from its primitive beginnings to the thriving online digital ecosystem it is today. such technological process is nonexistent on today's cellular networks because it's up to the carriers alone to implement new cellular applications, and they are adversed to experimenting with new technology prevent.
  the development of mobile communications networks would be put back into the hands of the people. right now people only get to pick their handset from a list of preapproved models allowed by their carrier. useless, poorly designed and unncessary technologies (WAP) continue to be forced on consumers. instead of this, consumer demand would drive the adoption of new/useful technology, while bad products/services designed solely to exploit consumers would be immediately dispensed with.
  this may seem like a pipe dream right now, but it might happen if wireless access internet becomes a basic public utility like roads and sidewalks. VoIP services like Vonage are already stealling business customers from conventional telecoms because of their competitive pricing. old business models will no longer be viable in the information age as closed proprietary specialized communication networks are assimilated by the open and public internet, which is a generalized communication network that can serve the needs of telecommunication, radio broadcast, TV broadcast, etc.
12. Re:This would be an easy fix... by MadnessASAP · 2008-10-25 16:01 · Score: 1
  
  And I want a pony, doesn't mean I'm gonna get it though. The reason your dream, as wondersoem as it is, will never happen is becuase of money. Infrastructure doesn't just grow out of the ground, it costa money lots of it. And carriers have to first invest in infrastucture and then the profit follow, so you better beleive they are going to fight tooth and nail for every square inch of it that the ycan get. The only way your dream will ever happen is if the governments go back to heavily subsidizing and regulating the industry in an open and fair way. But of course that wont happen because that's communism, unless it fattens the wallet of a politician in whcih case it becomes "helping the consumer." Either way, no telcom dream for you, and no pony for me.
  
  --
  I may agree with what you say, but I will defend to the death your right to face the consequences of saying it.
13. Re:This would be an easy fix... by im_thatoneguy · 2008-10-25 21:21 · Score: 2, Insightful
  
  Ummmm...
  My AT&T phone lets me use any MP3 as long as it's less than 60 seconds long and a couple of sampling requirements. Which tells me it's related to the ringtone playback software not some lockdown. Also the Googlephone allows this.
  What's an "Actual network cost" I'm happy that 14 year old girls are subsidizing my actual network costs with their outrageous text messaging fees. With an unlimited data plan you can IM all you want through chat applications. For instance the Google phone's best feature is its notifications pane which does an amazing job of managing all your internet aware apps. So forget text messaging and just use GTalk or MSN or whatever IM clients it supports. Also with the google phone I think TMobile includes texting with the data plan so you could do that too.
  Again. Android has little to zero branding. IPhone has almost no branding. HTC Touch/TouchPro/Diamond don't seem very heavily branded or modified. Even my AT&T Phone looks like any other LG Phone except that it has AT&T up on the status pane. OH NO!
  How would this magical "no redundancy" network operate exactly? And how would they share space? "Oh sorry I already have a tower in downtown New York. Too bad for you! And if someone's tower coverage was poor who do you complain to? Who's tower was it? That sounds like a fantastic way to develop a network monopoly. I also don't see how this free for all would result in better coverage in rural areas. I'm suspicious that the only profit that they derive from those towers as it is--is from urban centers offsetting their costs and offering the rural areas to ensure their customers can roam.
  Considering all handsets tend to be carrier subsidized I'm not certain how all phones being sold at retail price would be considered "cheaper". It would certainly mean less lock-in but I don't know about cheaper. I'm not going to pay $600 for a smart phone I know that.
  Again. I'm not certain what draconian rules you're refering to. Let's take Android as an example. What draconian rules are being imposed? The only software I think that is banned is VOIP software. And that would probably be spectacularly spotty in quality over a wireless data link. VOIP requires nice low latency coverage. Low Latency and multi-point wireless broadband are not synonymous. This might be true of my AT&T LG phone. But the sky is the limit with just about every single Windows Mobile, Android or iPhone.
  I'm all about dumb fat pipe but I disagree strongly with how far from that we currently are. Furthermore. I also disagree that our cellphone networks are ready for a dumb fat pipe to work well.
14. Re:This would be an easy fix... by Superken7 · 2008-10-25 22:32 · Score: 2, Insightful
  
  You don't actually need to replace the entire firmware of the phone.
  The Application Framework is designed in a way that permits you to replace any application with your own application. Be it the dialer, contacts manager or web browser.
  That said, i would still like to know if there are already any efforts of trying to replace the entire firmware. I presume the HTC phone is designed (or android has been modified) in a way that prevents that kind of tampering, but i still have not heard of any hacking attempts.
  Hello reverse engineers ? :-)
15. Re:This would be an easy fix... by Anonymous Coward · 2008-10-26 06:01 · Score: 0
  
  Did a 4chan meme posted anonymously just get modded +5 on slashdot?
16. Re:This would be an easy fix... by xaositects · 2008-10-28 03:53 · Score: 1
  
  G1 lets you use any mp3 on your phone for any notification, regardless of length.
Quality Issues? by postbigbang · 2008-10-25 08:19 · Score: 0

It'll be interesting to see how fast Google reacts to this. Their quality assurance has been questioned recently in the light of GMail going down, oddities with Google Ads, and so on. With luck they'll become software heros, but they also risk a huge backlash if they don't pay attention to quality issues in the face of others that are trying.

--
---- Teach Peace. It's Cheaper Than War.
1. Re:Quality Issues? by Anonymous Coward · 2008-10-25 08:51 · Score: 1, Insightful
  
  Quality has never been a concern for google. They are a culture of academics. They just want to make a proof-of-concept, and that's good enough. (Just like writing a paper, you only need to make it work ONCE.)
  All of their ventures display that. None of them get, as they say, "productized."
  Do a job interview with them (I never have, but know several who have). All they care about is algorithms. If you even mention practices, you get turfed. They're a bunch of cowboy coders with no discipline.
2. Re:Quality Issues? by Anonymous Coward · 2008-10-25 19:42 · Score: 2, Funny
  
  I liked you better when you were throwing chairs, Mr. Ballmer.
Hmm by tsa · 2008-10-25 08:20 · Score: 5, Insightful

It seems Mr. Miller doesn't like the Google Phone much. He should have notified Google of the bug and give them time to fix it before going public (as Google states in TFA).

--
-- Cheers!
1. Re:Hmm by Shemmie · 2008-10-25 08:50 · Score: 5, Informative
  
  I was about to agree with you. However, upon reading their page:
  
  The Android security architecture is very well constructed and the impact of this attack is somewhat limited by it. A successful attacker will have access to any information the browser may use, such as cookies used for accessing sites, information put into web application form fields, saved passwords, etc. They may also change the way the browser works, tricking the user into entering sensitive information. However, they can not control other, unrelated aspects of the phone, such as dialing the phone directly. This is in contrast, for example, with Apple's iPhone which does not have this application sandboxing feature and allows access to all features available to the user when compromised. For more information on the security of the iPhone, visit ISE's site describing the first exploit of an iPhone security vulnerability here.
2. Re:Hmm by Shemmie · 2008-10-25 08:51 · Score: 4, Informative
  
  Oops, left out:
  
  Working with Google
  Google was notified of this issue on October 20th, 2008. We are working with them to try to get a fix as quickly as possible.
3. Re:Hmm by Anonymous Coward · 2008-10-25 08:59 · Score: 0
  
  Wow! An Ad Hominem attack! That certainly changes the fact that there is a security issue with the android browser, doesn't it?
  Mr. Miller is under no obligation to tell Google anything, unless he is their paid consultant. I certainly wouldn't do their QA work for them for free.
4. Re:Hmm by Vexorian · 2008-10-25 14:52 · Score: 0, Offtopic
  
  Yeah right! Everybody knows of that little trick to cut your posts so
  
  --
  
  Copyright infringement is "piracy" in the same way DRM is "consumer rape"
5. Re:Hmm by Vexorian · 2008-10-25 14:53 · Score: 1
  
  oops, sorry forgot to put this:
  So you get twice as much karma!
  
  --
  
  Copyright infringement is "piracy" in the same way DRM is "consumer rape"
6. Re:Hmm by rsmith-mac · 2008-10-25 15:19 · Score: 1
  
  This is in contrast, for example, with Apple's iPhone which does not have this application sandboxing feature and allows access to all features available to the user when compromised
  When that exploit was published, it was the infamous TIFF exploit in the iPhoneOS 1.0-1.1.1. At the time the iPhone ran everything as root, so compromising Safari immediately granted root access. Since 1.1.3 however Apple has gone to granular permissions, most applications run as the limited "Mobile" user, for example. With that in mind, I'm not sure if the author's statement is true any longer. Safari certainly runs as a limited user, I just don't know how limited it is.
7. Re:Hmm by Chlorus · 2008-10-25 15:59 · Score: 1
  
  It seems Mr. Miller doesn't like the Google Phone much. He should have notified Google of the bug and give them time to fix it before going public (as Google states in TFA).
  When the hell would any slashdotter extend that courtesy, to say, M$ or Sun?
8. Re:Hmm by Anonymous Coward · 2008-10-25 23:51 · Score: 0
  
  Twice zero is still zero, I see...
  Maybe you should've added a "Burma Shave"?
Microsoft strikes again by Anonymous Coward · 2008-10-25 08:33 · Score: -1, Flamebait

We all know that M$ is behind this. After all, how else would they be able to post their research on the web if they didn't use AOL in Windows?
what the fuck it's ohrrible by Anonymous Coward · 2008-10-25 08:35 · Score: 0

somebody broke slashdot
1. Re:what the fuck it's ohrrible by Anonymous Coward · 2008-10-25 08:56 · Score: -1
  
  Nevermind, clearing the ol' cache fixed it.
  For more info, check out this page.
2. Re:what the fuck it's ohrrible by Ethanol-fueled · 2008-10-25 09:00 · Score: 2, Funny
  
  After reading the article you linked to, I'm not sure what Yahoo is trying to suggest.
  
  Perhaps it's a conceptual description of how Yahoo's staff would feel if Yahoo were bought out by Microsoft.
3. Re:what the fuck it's ohrrible by Anonymous Coward · 2008-10-25 09:10 · Score: 0
  
  Nobody knows for sure, but it's wide open for debate.
iPhone weak like other smartphones? by alphad0g · 2008-10-25 08:45 · Score: 5, Interesting

It would be interesting to hear more about this hack as they seem to make a pretty bold and bogus claim in the article:

"Unlike modern personal computers and other advanced smartphones like the iPhone, the Google phone creates a series of software compartments that limit the access of an intruder to a single application."

The iPhone is very compartmentalized. That is why there is no cut and paste - all apps are limited to their own directory. Anyone that has jailbroken an iPhone is familiar with how one app can NOT access data in another apps directory unless permissions are changed.

Anyone else know more about this comment? It is true for WinMo smartphones - no perms at all, but I am pretty sure that the iPhone does not apply. Is this just a dig at apple?
1. Re:iPhone weak like other smartphones? by Anonymous Coward · 2008-10-25 09:19 · Score: 3, Informative
  
  It is true for WinMo smartphones - no perms at all, but I am pretty sure that the iPhone does not apply.
  Not quite... Windows Mobile has security based on privilege levels (e.g. user vs. admin in the desktop world), so I don't think it's fair (or accurate) to say "no perms at all." You can assign access rights to resources (files, registry keys, etc.) associated with your application, so other apps must be appropriately signed to initeract with your data.
  Contrast that with the iPhone: Everything that ships on an iPhone runs as root, and not in a compartment. Period. If you hack the browser (or any other in-ROM app), you've hacked the entire device with root level access (how do you think jailbreak works?).
  You're probably thinking of app-store applications. Things installed from the app-store run sandboxed in their own compartment, but that's only because Apple doesn't have a reasonable security model in place throughout the rest of the system. Oh, and you also can't run multiple sandboxed apps simultaneously. It's really a much worse security story than you're imagining, I think.
2. Re:iPhone weak like other smartphones? by RiotingPacifist · 2008-10-25 09:42 · Score: 1
  
  bullshit! how do you think the jailbreak works? the browser runs as root. iPhone = least secure phone EVER!!!
  
  --
  IranAir Flight 655 never forget!
3. Re:iPhone weak like other smartphones? by Anonymous Coward · 2008-10-25 09:46 · Score: 0
  
  That is such a nonsense. That is restriction put on the apps from the app store.
  Everything runs under the same user. An attack that would get control of the browser would be able to access anything on the phone that the user it is running under can.
4. Re:iPhone weak like other smartphones? by Free+the+Cowards · 2008-10-25 13:40 · Score: 1
  
  Just in the interests of accuracy, I note that the "navigate to a site that hacks your browser and jailbreaks your phone" jailbreaker has been dead for quite a long time. Modern jailbreakers work by exploiting the phone as it's connected to the computer over the USB cable. I think they perform a software restore and convince it to load a hacked OS, but I'm not sure.
  None of this detracts in any way from your overall point, though. The "hack your browser" jailbreaker no longer works because Apple patched the bug it exploited, not because the browser no longer runs as root.
  
  --
  If you mod me Overrated, you are admitting that you have no penis.
5. Re:iPhone weak like other smartphones? by Anonymous Coward · 2008-10-25 14:11 · Score: 1, Informative
  
  The jailbreak doesn't happen through the browser. It requires flashing the OS through the USB cable. Has anyone here actually used an iPhone?
6. Re:iPhone weak like other smartphones? by nahdude812 · 2008-10-25 15:14 · Score: 3, Informative
  
  It used to work by exploiting a vulnerability in TIFF processing. The browser runs as root, and the earlier jailbreak app was a "visit this site, reboot, and you're done" sort of thing. As Free The Cowards said, this doesn't work this way not because they changed the permissions model, but because they closed the TIFF exploit.
  
  --
  Slay a dragon... over lunch!
7. Re:iPhone weak like other smartphones? by Moebius+Loop · 2008-10-25 15:20 · Score: 1
  
  Contrast that with the iPhone: Everything that ships on an iPhone runs as root, and not in a compartment. Period. If you hack the browser (or any other in-ROM app), you've hacked the entire device with root level access (how do you think jailbreak works?).
  FYI, the iPhone has not run user apps as root since version 2.0 came out. They run as a secondary non-privileged user. Of course, your personal data is also owned by that user, so it's still not anything like the Android sandbox.
  
  --
  have you been seen on slash?
8. Re:iPhone weak like other smartphones? by Moebius+Loop · 2008-10-25 15:21 · Score: 1
  
  MobileSafari has not run as root since version 2.0. It now runs as the 'mobile' unprivileged user.
  
  --
  have you been seen on slash?
Here's why. by Anonymous Coward · 2008-10-25 08:47 · Score: 3, Insightful

He should have notified Google of the bug and give them time to fix it before going public (as Google states in TFA).

..according to Mr. Miller, who is a principal security analyst at Independent Security Evaluators in Baltimore
It wouldn't have given him a name. Now, when the CIOs are reading the tech highlights on their Crackberries, what they'll see is Miller-Independent-Security-Evaluators-Baltimore-finds-security-flaw. And then think ... must hire next time I need security advice.
In this incredibly competitive world where you're competing with everyone all over the World and there's plenty of folks who'll do it cheaper, you have to find ways to stand out. Never compete on price because there's always someone who'll do it cheaper. Could he have told Google? Sure. But it wouldn't have made a splash in the media and when it got posted here on Slashdot, it would have said instead that "Google fixes security flaw" with no mention of Miller.
So, that's is why Mr. Miller jumped the gun and published his findings.
Being in business can really suck.
1. Re:Here's why. by Directrix1 · 2008-10-25 10:04 · Score: 1
  
  Yeah, well now he will be seen as somebody who doesn't know how to do a simple security related bug report. Yeah, I totally want his advice.
  
  --
  Occam's razor is the blind faith in the natural selection of least resistance and in universal oversimplification. -- EF
Fix Speed vs Apple by CritterNYC · 2008-10-25 09:02 · Score: 1, Insightful

It will be interesting to see how quickly Google fixes this compared to how long it took Apple to fix the security issues in Safari on the iPhone (a couple months, I believe, was their slowest).

--
Portable versions of Firefox, GIMP, LibreOffice, etc
1. Re:Fix Speed vs Apple by onefriedrice · 2008-10-25 09:20 · Score: 1
  
  Yeah, it's a sad position for Apple. Either they fix their security vulnerabilities quickly and everyone cries about how they are killing jailbreaking because everyone knows they just want complete control over the iPhone... or they leave the door open a while and all of the sudden they are slow at plugging security holes.
  
  --
  This author takes full ownership and responsibility for the unpopular opinions outlined above.
2. Re:Fix Speed vs Apple by Miseph · 2008-10-25 09:43 · Score: 1
  
  Of course, they could just fix the security holes without imposing draconian controls on what's installed or how... but I guess that would run afoul of their stated interests.
  
  --
  Try not to take me more seriously than I take myself.
3. Re:Fix Speed vs Apple by Anonymous Coward · 2008-10-25 14:58 · Score: 0
  
  Wow two frigging months? I wonder how the apple fan boys feel in Monday when this is fixed
4. Re:Fix Speed vs Apple by Superken7 · 2008-10-25 22:46 · Score: 1
  
  from TFA:
  He said that the company had already fixed an open-source version of the software and was working with its partners, T-Mobile and HTC, to offer fixes for its current customers.
  so anybody who is impatient enough should be already able to replace the browser with a custom build. :)
Goatse warning by Crazyswedishguy · 2008-10-25 09:31 · Score: 1

Don't click the link above unless you have something stuck in your stomach that you're trying to get out.

--
This space up for sale.
1. Re:Goatse warning by Anonymous Coward · 2008-10-25 09:57 · Score: -1, Troll
  
  Some faggot and/or nigger like this always has to go and spoil the fun for us decent and respectable trolls. Good job you twat.
2. Re:Goatse warning by Anonymous Coward · 2008-10-25 15:53 · Score: 0
  
  If anybody is deserving of a +5 Troll, it's you.
Can we make this any more clear? by THESuperShawn · 2008-10-25 11:29 · Score: 2, Funny

NOW do you see why we call everything we do a "beta"? Sheesh! Your Friend, Google

--
Repant. Thy end is sheer.
you fail It by Anonymous Coward · 2008-10-25 12:15 · Score: -1, Troll

started work on al parties it's
newsflash by Dreen · 2008-10-26 02:55 · Score: 1

newsflash: new software has bugs
Security SDK Announced for Android by wurtis · 2008-10-26 07:15 · Score: 1

Shameless commerce, but relevant: My company, Mocana, just announced a security SDK for Googleâ(TM)s Android platform that readers of this article might be interested in investigating. With it Android developers can build robust encryption, authentication, VPN, antivirus and antimalware feature into Android Handsets. Itâ(TM)s called NanoPhone, and you can learn more at http://mocana.com/NanoPhone-Android.html -Kurt
Good in a way by Darkness404 · 2008-10-26 12:18 · Score: 1

This is good in a way similar to the iPhone Safari attacks, while it is bad as any security flaw is, this might pave a way for unlocking, etc.

--
Taxation is legalized theft, no more, no less.
Re: by clint999 · 2008-10-26 12:30 · Score: -1

This is in contrast, for example, with Apple's iPhone which does not have this application sandboxing feature and allows access to all features available to the user when compromised

--
College-Pages.com - Online Colleges, Degrees, and Programs