Security issues in Android endanger your personal information

Two critical security issues with Google's OS demonstrate how malicious hackers can easily break Android's defense and infect your phone with malware. The first one was exploited by Android researcher Jon Oberheide, who recently published the Bonus Level app for the immensely popular Angry Birds game. But before he released the add-on, he used the Account Manager app to create an authentication token for the Android Market and as a consequence he was given permission to install a few more apps along with the add-on. These apps are Fake Toll Fraud, Fake Contact Stealer and Fake Location Tracker and before they were remotely removed by Google, the apps had the authorization to text premium rate phone numbers and secretly visit websites, although it's important to note that they served only as demonstration.

The second security flaw is related to HTC phones with version of Android below 2.2. It's concerned with the automatic update of the Flash Lite plug-in, because it allows installation of software packages without the user's consent. This is a security loophole that may lead to other software applications (like malware, for example) being installed without the knowledge of the phone owner. The good news is that this was fixed with Froyo's release, although only one-third of all HTC Android phones have version 2.2 on board.

We are sure that Google is working on these (and similar) issues, but sometimes it is really unsettling when you know how easy someone can access information on your phone. Fingers crossed that in the very near future Google will deliver safer and better version of Android, starting with Gingerbread.

source: Electricpig