The InformationWeek -- Blogs
Welcome Guest. | Log In| Register | Membership Benefits

Open Source Blog

Topics:   Open Source

  • Email this page E-mail this page
  • Print this page Print this page
  • Bookmark and Share
  • icon

Android Is (Or Was) Insecure? Don't Panic


Posted by Serdar Yegulalp, Mar 5, 2008 10:28 AM

After news broke the other day that Google's Android handset development library had several vulnerabilities that could be exploited by an attacker, I braced for a flood of "Told you so!"-type announcements.  Frankly, the fact that these problems have shown up at this stage in the development process isn't a bad thing. This is the best possible scenario.

The first and most obvious thing to get out of the way is that the Android libraries are all still very much a beta product.  Nobody's created a commercially available device that uses the library (yet), so any attacks that could be carried out wouldn't affect anyone except the people doing development.  In fact, this problem already has been fixed in the most recent release of the platform build.

The fact that problems have turned up at this stage isn't a bad thing.  When the development of a project this large and attractive is done out in the open, instead of behind closed doors, there are that many less mysteries about what might go wrong -- and what could be used against the people who depend on it.  It also means the developers are beholden to the public as a whole to fix these problems, not internal pressures.  The system's working as intended, and that's the best news of all.

« Android SDK Not Secure, Vulnerable To Attack | Main | ETech: Hungry Machine Comes Recommended »



Sign Up Now
For InformationWeek News Alerts




This is a public forum. United Business Media and its affiliates are not responsible for and do not control what is posted herein. United Business Media makes no warranties or guarantees concerning any advice dispensed by its staff members or readers.

Community standards in this comment area do not permit hate language, excessive profanity, or other patently offensive language. Please be aware that all information posted to this comment area becomes the property of United Business Media LLC and may be edited and republished in print or electronic format as outlined in United Business Media's Terms of Service.

Important Note: This comment area is NOT intended for commercial messages or solicitations of business.


 
 

  1. No Silver Bullet for Parallelism
  2. Think Parallel 2010, Five Years of Multicore
  3. It's All In the Strategy, It's All About the Design

Join The InformationWeek Group On LinkedIn


  1. Verizon Wireless Details Android 2.1 Update For Droid
  2. Google Overhauls Maps For Android
  3. 'Hundreds Of Thousands' Of iPads Ordered So Far
  4. Advantages Of PCI-Based SSDs

  1. Google Releases Free Web Security Scanner
  2. GAO: Multiple Failures Sunk Border Security System
  3. Adobe Flash CS5 For Windows May Violate Apple Rules
  4. FCC Tests Spectrum Dashboard
  5. Samsung, LG Forecast Smartphone Gains
  6. White House Shutters Financial Systems Standards Effort

 
  Ars Technica
Boing Boing
Channel 9 Forums
CRN Blogs
Dr.Dobb's Portal: Blogs
Engadget
Gizmodo
GrokLaw 		  Lifehacker
Schneier on Security
Slashdot
TechCrunch
Techdirt
Techmeme
Valleywag
  DECEMBER 2008
NOVEMBER 2008
OCTOBER 2008
SEPTEMBER 2008
AUGUST 2008
JULY 2008
JUNE 2008
MAY 2008 		  APRIL 2008
MARCH 2008
FEBRUARY 2008
JANUARY 2008
DECEMBER 2007
NOVEMBER 2007
OCTOBER 2007
SEPTEMBER 2007