Google Android Vulnerability Crops Up

Google’s Android platform hasn’t been public for too long before Charlie Miller of Independent Security Evaluators in Baltimore discovered a vulnerability in the platform, and mentioned it to the New York Times. By exploiting this, he was able to redirect the G1’s web browser to a malicious web site which would allow it to install keystroke logging software. While applications in Android are “sandboxed” so as to limit the damage, a keylogger would be really dangerous to users, especially if they try to access their bank accounts. Google aren’t too happy that Miller didn’t give them time to develop a fix before going public with the flaw, but Miller thinks that if he can hack the system, others can do the same quietly, and take advantage of clueless users.