Years-old security flaw gives attacker full remote control of Android devices

Shows flaw laid out in detail at Defcon 18 months ago still offers back door to hackers

By  

Most of the basic security has to be done for them, and has to be built into either the devices or the operating system.

Cannon's little demo is another example of why Android's current security scheme needs a major overhaul, not a few minor tweaks.

Trust is a good thing, in general, especially in conjunction with verification. It's fine for Android to trust the security information applications give it, but only if it continues to keep track of what those apps do to make sure their main purpose is to provide a useful function, not to cross all the permission barriers Android can set up and hand off control to a stranger.

That shows a little too much trust.

Read more of Kevin Fogarty's CoreIT blog and follow the latest IT news at ITworld. Follow Kevin on Twitter at @KevinFogarty. For the latest IT news, analysis and how-tos, follow ITworld on Twitter and Facebook.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question