Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security Flaw In Android Web Browser

Posted by timothy on from the more-information-would-be-nice dept.

r writes "The New York Times reports on a security flaw discovered in the new Android phones. The article is light on details, but it hints at a security hole in the browser, allowing for trojans to install themselves in the same security partition as the browser: 'The risk in the Google design, according to Mr. Miller, who is a principal security analyst at Independent Security Evaluators in Baltimore, lies in the danger from within the Web browser partition in the phone. It would be possible, for example, for an intruder to install software that would capture keystrokes entered by the user when surfing to other Web sites. That would make it possible to steal identity information or passwords.'"

13 of 59 comments (clear)

  1. Hmm by tsa · · Score: 5, Insightful

    It seems Mr. Miller doesn't like the Google Phone much. He should have notified Google of the bug and give them time to fix it before going public (as Google states in TFA).

    --

    -- Cheers!

    1. Re:Hmm by Shemmie · · Score: 5, Informative
      I was about to agree with you. However, upon reading their page:

      The Android security architecture is very well constructed and the impact of this attack is somewhat limited by it. A successful attacker will have access to any information the browser may use, such as cookies used for accessing sites, information put into web application form fields, saved passwords, etc. They may also change the way the browser works, tricking the user into entering sensitive information. However, they can not control other, unrelated aspects of the phone, such as dialing the phone directly. This is in contrast, for example, with Apple's iPhone which does not have this application sandboxing feature and allows access to all features available to the user when compromised. For more information on the security of the iPhone, visit ISE's site describing the first exploit of an iPhone security vulnerability here.

    2. Re:Hmm by Shemmie · · Score: 4, Informative
      Oops, left out:

      Working with Google
      Google was notified of this issue on October 20th, 2008. We are working with them to try to get a fix as quickly as possible.

  2. Re:This would be an easy fix... by Anonymous Coward · · Score: 4, Informative

    Erm, the entire source code for Android is now available, so yes, you can download it, fix it, compile it, then flash it onto your phone, or maybe a different phone.

  3. Re:This would be an easy fix... by Anonymous Coward · · Score: 5, Funny

    Did mothafuckas believe they'd be able their own encrypted VPN VoIP applications?

    I think you accidentally a whole verb.

  4. iPhone weak like other smartphones? by alphad0g · · Score: 5, Interesting

    It would be interesting to hear more about this hack as they seem to make a pretty bold and bogus claim in the article:

    "Unlike modern personal computers and other advanced smartphones like the iPhone, the Google phone creates a series of software compartments that limit the access of an intruder to a single application."

    The iPhone is very compartmentalized. That is why there is no cut and paste - all apps are limited to their own directory. Anyone that has jailbroken an iPhone is familiar with how one app can NOT access data in another apps directory unless permissions are changed.

    Anyone else know more about this comment? It is true for WinMo smartphones - no perms at all, but I am pretty sure that the iPhone does not apply. Is this just a dig at apple?

    1. Re:iPhone weak like other smartphones? by Anonymous Coward · · Score: 3, Informative

      It is true for WinMo smartphones - no perms at all, but I am pretty sure that the iPhone does not apply.

      Not quite... Windows Mobile has security based on privilege levels (e.g. user vs. admin in the desktop world), so I don't think it's fair (or accurate) to say "no perms at all." You can assign access rights to resources (files, registry keys, etc.) associated with your application, so other apps must be appropriately signed to initeract with your data.

      Contrast that with the iPhone: Everything that ships on an iPhone runs as root, and not in a compartment. Period. If you hack the browser (or any other in-ROM app), you've hacked the entire device with root level access (how do you think jailbreak works?).

      You're probably thinking of app-store applications. Things installed from the app-store run sandboxed in their own compartment, but that's only because Apple doesn't have a reasonable security model in place throughout the rest of the system. Oh, and you also can't run multiple sandboxed apps simultaneously. It's really a much worse security story than you're imagining, I think.

    2. Re:iPhone weak like other smartphones? by nahdude812 · · Score: 3, Informative

      It used to work by exploiting a vulnerability in TIFF processing. The browser runs as root, and the earlier jailbreak app was a "visit this site, reboot, and you're done" sort of thing. As Free The Cowards said, this doesn't work this way not because they changed the permissions model, but because they closed the TIFF exploit.

      --
      Slay a dragon... over lunch!
  5. Here's why. by Anonymous Coward · · Score: 3, Insightful

    He should have notified Google of the bug and give them time to fix it before going public (as Google states in TFA).

    ..according to Mr. Miller, who is a principal security analyst at Independent Security Evaluators in Baltimore

    It wouldn't have given him a name. Now, when the CIOs are reading the tech highlights on their Crackberries, what they'll see is Miller-Independent-Security-Evaluators-Baltimore-finds-security-flaw. And then think ... must hire next time I need security advice.

    In this incredibly competitive world where you're competing with everyone all over the World and there's plenty of folks who'll do it cheaper, you have to find ways to stand out. Never compete on price because there's always someone who'll do it cheaper. Could he have told Google? Sure. But it wouldn't have made a splash in the media and when it got posted here on Slashdot, it would have said instead that "Google fixes security flaw" with no mention of Miller.

    So, that's is why Mr. Miller jumped the gun and published his findings.

    Being in business can really suck.

  6. Re:This would be an easy fix... by davester666 · · Score: 3, Insightful

    Are you sure you can flash new firmware onto the G1 based on the source, without the binary needing to be signed by T-Mobile?

    Being able to actually use personal builds doesn't necessary follow from the source being available.

    --
    Sleep your way to a whiter smile...date a dentist!
  7. Re:This would be an easy fix... by MikaelC · · Score: 3, Informative

    Yep. Of course you will probably have to write new device drivers for a different phone. And judging by this comment it seems that the not all of the source for the G1 is available.

  8. Re:This would be an easy fix... by Anonymous Coward · · Score: 3, Informative

    Actually yes you can, we haven't tried with the G1 yet, but have been putting Android on previous HTC models for quite a bit (even before Android was released)

  9. Re:This would be an easy fix... by lysergic.acid · · Score: 3, Interesting

    so true. you have to wonder what cellular networks would be like if they were not closed proprietary infrastructure.

    of course there are the obvious things like:

    • retail phones with mp3 players would actually let you use mp3s as ringtones, instead of forcing you to buy short, low-quality clips of the same songs from your service carrier at a higher cost than the actual song.
    • calls & text messaging rates would correspond to their actual network costs--the same way e-mails, IMs, voice chat, etc. on the internet do not cost anything extra, but are covered by your ISP fees.
    • retail phones come with original unrestricted firmware rather than the crippled carrier-rebranded interface that users see.

    but there'd be other less-obvious indirect benefits, such as:

    • better nationwide network coverage--since we'd be using open public networks, cellphone towers would have a natural & more even distribution covering all parts of the country rather than having lots of redundant/competing infrastructure consisting of a bunch of small concentrated clumps of cellular coverage in urban areas with lucrative markets and almost no coverage at all in poorer, more sparsely populated areas.
    • lower cost of entry to the handset market due to anyone being able to develop devices to use the open networks without carrier approval ($$$). this would lead to more handset makers, meaning lower handset costs & wider selections.
    • boundless technological innovation and creativity. being unhampered by the draconian rule of the telecoms over their proprietary networks, anyone and everyone will be free to develop new and useful applications for the network. that is what propelled the internet from its primitive beginnings to the thriving online digital ecosystem it is today. such technological process is nonexistent on today's cellular networks because it's up to the carriers alone to implement new cellular applications, and they are adversed to experimenting with new technology prevent.
    • the development of mobile communications networks would be put back into the hands of the people. right now people only get to pick their handset from a list of preapproved models allowed by their carrier. useless, poorly designed and unncessary technologies (WAP) continue to be forced on consumers. instead of this, consumer demand would drive the adoption of new/useful technology, while bad products/services designed solely to exploit consumers would be immediately dispensed with.

    this may seem like a pipe dream right now, but it might happen if wireless access internet becomes a basic public utility like roads and sidewalks. VoIP services like Vonage are already stealling business customers from conventional telecoms because of their competitive pricing. old business models will no longer be viable in the information age as closed proprietary specialized communication networks are assimilated by the open and public internet, which is a generalized communication network that can serve the needs of telecommunication, radio broadcast, TV broadcast, etc.