University research finds major permission flaws in Android models

Who says that University research is a waste of money? At North Carolina State University, researchers found that some Android devices have major permission flaws that allow untrusted apps to record your phone conversations, send you SMS messages, obtain geo-locations and do other things without your consent. 13 areas were analyzed and 11 revealed privileges were exposed thanks to a pre-loaded app.

The HTC EVO 4G and the HTC Legend were among the models with the most vulnerability among the 8 handsets cited by the report. Google and Motorola are confirming that the flaws exist while HTC and Samsung are quiet.With Stock Android powered Nexus models scoring the best, it would seem to indicate that phone manufacturers are not adhering to the security permission model devised by Google.

The study from North Carolina State University used a system the research team developed, called Woodpecker. This system checked all apps on a phone for 13 permissions that protect sensitive user data or phone features, on a phone. The Android phones studied were the HTC EVO 4G,HTC Legend, HTC Wildfire S, Motorola DROID, Motorola DROID X, Samsung Epic 4G, Google Nexus One and Google Nexus S. Until security foxes are sent out, the best thing you can do to be protected is to be careful of which apps you are downloading.

You can find the entire report at the sourcelink.

source: NCSU via EngadgetMobile