Sunday, December 4, 2011

Some Android phones fail to enforce permissions, exposed to unauthorized app access


Eight Android phones, including the Motorola Droid X and Samsung Epic 4G, were found to house major permission flaws according to a research team at North Carolina State University. Their study revealed untrusted applications could send SMS messages, record conversations and execute other potentially malicious actions without user consent. Eleven of the thirteen areas analyzed (includes geo-location and access to address books) showed privileges were exposed by pre-loaded applications. Interestingly, Nexus devices were less vulnerable, suggesting that the other phone manufacturers may have failed to properly implement Android's security permissions model. Google and Motorola confirm the present flaws while HTC and Samsung remain silent. Exerting caution when installing applications should keep users on their toes until fixes arrive.

[Thanks, John]

Some Android phones fail to enforce permissions, exposed to unauthorized app access originally appeared on Engadget on Fri, 02 Dec 2011 21:56:00 EDT. Please see our terms for use of feeds.

Permalink Ars Technica  |  sourceNorth Carolina State University  | Email this | Comments


Source: http://feeds.engadget.com/~r/weblogsinc/engadget/~3/hCuwmZG3svg/

jerry sandusky toyota recall order of operations carrie underwood eric church sara evans lionel richie

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.