October 06, 2011, 6:06 AM — In August 2010, hackers bent on jailbreaking Android smartphones found a vulnerability in the way the Android debugger handled an overwhelming number of processes. The code designed to exploit the flaw, dubbed RageAgainstTheCage, allowed users to reflash their smartphone and install custom firmware.
Google quickly patched the vulnerability in the Android Open Source Project, but there the fix languished. Smartphone manufacturers did not make pushing the patch out to users a priority. So, in March 2011, malicious programmers found an opportunity with the unpatched vulnerability: A Trojan horse dubbed DroidDream exploited the security issue to compromise more than 250,000 unpatched Android smartphones.
Nearly a year later, despite the threat of similar attacks, more than half of Android smartphones remain vulnerable to the flaw, according to mobile security firm Lookout.
The Android operating system's patch process poses a quandary for Google and a danger to users. Android's openness allows bugs to be found faster, but that benefit is offset by a longer supply chain in which manufacturers and vendors test patches at a glacial pace. Smartphone manufacturers must first create custom builds of the operating system that include their add-on software, and then test the software. Next, carriers take the firmware update and test it to make sure it does not harm their networks. The end result: Patches are slow to reach users' smartphones. (Google declined to discuss the issue with InfoWorld.)