Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security Expert Warns of Android Browser Flaw

Posted by Soulskill on from the memory-leak-leading-to-robot-revolt dept.

justice4all writes "Google is working on a fix to a zero-day flaw discovered by British security expert Thomas Cannon that could lead to user data on a mobile phone or tablet device being exposed to attack. Cannon informed Google before posting information about the flaw on his blog. 'While doing an application security assessment one evening I found a general vulnerability in Android which allows a malicious website to get the contents of any file stored on the SD card,' Cannon wrote. 'It would also be possible to retrieve a limited range of other data and files stored on the phone using this vulnerability.'" Sophos's Chester Wisniewski adds commentary on how this situation is one of the downsides to Android's increasing fragmentation in the mobile marketplace.

3 of 98 comments (clear)

  1. This is why I love iPhone by Anonymous Coward · · Score: 4, Funny

    On iOS, vulnerabilities are only used for jailbreaks.

  2. Android cloud computing rates by MillionthMonkey · · Score: 4, Funny

    Tired of Amazon S2 prices piling onto your organization's IT expenses? Thinking of running large distributed apps on your own equipment? We offer cloud computing services for cheap!

    Standard on-demand instances:
    Small (1000 Android cellphones): $0.05 per hour
    Large (5000 Android cellphones: $0.20 per hour
    Extra large: call

    Get a 10% discount if you sign up before zero day is over.

  3. Re:The real problem is... by froggymana · · Score: 3, Funny

    Shouldn't they think outside of the box? Why not have a patch Monday so they can be one step ahead of microsoft?

    --
    "To prevent this day from getting any worse, I'll just read ERROR as GOOD THING" 1GJU8xLuDKDxEs4KLf8fAGyptoDsqvEsBT