Serious Security Bugs Found In Android Kernel 230
geek4 writes with this excerpt from eWeek Europe: "An analysis of Google Android Froyo's open source kernel has uncovered 88 critical flaws that could expose users' personal information. An analysis of the kernel used in Google's Android smartphone software has turned up 88 high-risk security flaws that could be used to expose users' personal information, security firm Coverity said in a report published on Tuesday. The results, published in the 2010 edition of the Coverity Scan Open Source Integrity Report, are based on an analysis of the Froyo kernel used in HTC's Droid Incredible handset. ... While Android implementations vary from device to device, Coverity said the same flaws were likely to exist in other handsets as well. Coverity uncovered a total of 359 bugs, about one-quarter of which were classified as high-risk."
Re:The most interesting thing about that article.. (Score:4, Insightful)
score one for open source (Score:3, Insightful)
As for Windows Phone 7, what we don't know won't hurt us, right?
this is a Success for open-source! (Score:2, Insightful)
They are outed, and so get fixed even faster.
Good luck with the iOS/Wimpy7s bugs that are never announced/found due to this type of peer-review, and so there's no priority to fix them.
details? (Score:2, Insightful)
Re:Bug bounties? (Score:4, Insightful)
How much are these worth in bug bounty money?
To Google or to exploit writers? I'm sure they're both offering bounties but I don't think they pay the same.
Re:The most interesting thing about that article.. (Score:4, Insightful)
Probably not many.
Well 88 were found in the kernel, which is a linux kernel. But who knows how many of those are in the actual linux kernel mainline.
Re:Who cares about it when no updates available! (Score:3, Insightful)
Yeah, because IOS is so much more secure than Android. New phones are churning out every 6 months. If you want to be ahead that's the price you have to pay. A new iphone is released every year. I don't really see what you are bitching about. If upgrading your firmware to the latest and shiniest is so damned important, buy a phone that isn't locked down, like a galaxy s or nexus one or htc desire or etc, etc, etc and install from the multitudes of roms floating out there. My "ancient" G1 is running froyo right now, and while it may not be the snappiest, I haven't had too many issues asides from the lack of ram on the g1 and a random reboot every few days due to using swap and a somewhat flaky microsd card.
Really, even my lowly G1 is a million light years ahead of the crappy motorola candybar I replaced it with. This whole security issue is being blown way out of proportion. I would say that android by its own nature is fairly secure, seeing as how most everything runs in a sandbox anyways. If an app elevates permissions it should notify you and ask for your permission. Also it does say what each app has access to when you install. I don't really see what you could exploit here, since its a virtual machine running on top of a linux kernel. Yeah, you could exploit the kernel, but that wouldn't give you access to the VM running on top. Yeah you could get at the dalvik machine and probably execute overflows and whatnot, but there seems to be a good deal of internal checks against that sort of thing. IOS on the other hand runs everything natively. I would be willing to bet that IOS is easier to exploit than Android.
expose users' personal information (Score:4, Insightful)
Exposes more than, say, a very simple app (game?) that requires Full Network Access, Fine Grained Location, and access to your System Settings?
The biggest threat to personal information leaking on an Android phone are overly permissive apps, and the people who install them.
Re:88 critical flaws (Score:5, Insightful)
Number of new bugs we know about in Android: 88. Number of new bugs we know about in Windows for the phone? Note the process at work.
Re:88 critical flaws (Score:4, Insightful)
Well yes, they were found. How else would we be reading an article about them having been found if they hadn't been found?
Comment removed (Score:3, Insightful)
Re:The most interesting thing about that article.. (Score:4, Insightful)
A lot of people - myself included - refer to Darwin when talking about the OS, and Mac OS X when talking about all of the stuff that Apple bundles on the install CD (including Quartz, Cocoa, and so on).
Defining the OS as the kernel is problematic when you have microkernels, because the line between what is the kernel and what is userspace is blurred. With Symbian, for example, device drivers live in the kernel but they don't handle multiplexing between applications. When an application wants to access a hardware resource, it talks to a userspace server. Are these servers part of the OS?
The general working definition of an OS is the stuff that you need to boot the system and launch programs. With a UNIX-like system, this includes the init system (typically including a POSIX-compatible shell), and a set of libraries. Most importantly, it includes libc, because this is the public interface to the kernel's functionality. If you select a target when cross-compiling stuff for OS X, you select the Darwin target, not the OS X or XNU target (there isn't one), because the compiler needs to know things like the object format to use (Mach-O), the calling conventions (not defined by the kernel), and a few other things.
This is why people talk about GNU/Linux as a platform; because it's GNU libc, the GNU shell, and so on that their programs interact with. You can swap out the Linux kernel for something like a FreeBSD kernel much more easily than you can swap out the GNU stuff for BSD equivalents.
Some people use a slightly broader definition for UNIX-like systems, including everything needed for compliance with the Single UNIX Specification. Since this includes things like c99, c++, and vi, I think it's a little bit to broad, because the system can happily function without them.