Official Mobile Security & Innovative Technologies Blog
This blog is managed/edited by Eric Everson. The purpose of this blog is to discuss common threats and solutions that exist within the mobile community in addition to the intricacies of innovative technologies and the markets therein.
Thank you for taking the time to review my blog; I am Eric Everson the founder of MyMobiSafe.com. In addition to my duties at MyMobiSafe, LLC I am also a full-time graduate student and mobile industry researcher. As a mobile security expert and innovative technologies leader, I am glad to answer any questions you may have: EricEverson@Hotmail.com
Wednesday 12 November 2008, 11:53 PM
Google Beware: Hackers Set Sights On Android G1 Handsets
Google Beware: Hackers Set Sights On Android G1 Handsets
Author: Eric Everson, MyMobiSafe.com
Could the security concerns surrounding Google’s Open Source Mobile Operating System (OSMOPS) dubbed Android be the reason T-Mobile has taken such a humble marketing approach?
The Android team came public this week about a key security vulnerability in the platform regarding a root-console problem in Android (the one that automatically sent keystrokes to the root shell as commands). This issue in the Android OSMOPS gave hackers the expressway into the root-console of the handset. As Rich Cannings of the Android Security Team admits, "“We tried really hard to secure Android. This is definitely a big bug,” he said. “The reason why we consider it a large security issue is because root access on the device breaks our application sandbox.” For those with limited familiarity with Mobile Operating Systems (MOPS) the root-console acts as a control center for the handset; once you get into the "sandbox" you have complete control.
Generally speaking, once the root-console has been compromised by hackers the only way to keep hackers at bay is in a complete overhaul of the Operating System. This doesn’t bode well for the emerging Android OSMOPS that has been increasingly under consumer scrutiny due to its Open Source nature.
Open Source in MOPS, may bring about a surge in mobile content but it does not come without a significant handset threat level. What makes the G1 handset so attractive to hackers is the open availability of the Android Software Development Kit (SDK). This is the compromise of control that MOPS providers such as Google Android, Symbian, Microsoft Mobile, and others have to contend with as they continue to migrate toward an open source environment.
What happens when you put the SDK for a Mobile Operating System (MOPS) in the hands of hackers? Unfortunately, we are just beginning to find out. With unprecedented hacker access to these MOPS the reality of industry-wide mobile security threats is no longer a question “if” but when.
Your friend in mobile security,
Eric Everson
Founder, MyMobiSafe.com
Author: Eric Everson, MyMobiSafe.com
Could the security concerns surrounding Google’s Open Source Mobile Operating System (OSMOPS) dubbed Android be the reason T-Mobile has taken such a humble marketing approach?
The Android team came public this week about a key security vulnerability in the platform regarding a root-console problem in Android (the one that automatically sent keystrokes to the root shell as commands). This issue in the Android OSMOPS gave hackers the expressway into the root-console of the handset. As Rich Cannings of the Android Security Team admits, "“We tried really hard to secure Android. This is definitely a big bug,” he said. “The reason why we consider it a large security issue is because root access on the device breaks our application sandbox.” For those with limited familiarity with Mobile Operating Systems (MOPS) the root-console acts as a control center for the handset; once you get into the "sandbox" you have complete control.
Generally speaking, once the root-console has been compromised by hackers the only way to keep hackers at bay is in a complete overhaul of the Operating System. This doesn’t bode well for the emerging Android OSMOPS that has been increasingly under consumer scrutiny due to its Open Source nature.
Open Source in MOPS, may bring about a surge in mobile content but it does not come without a significant handset threat level. What makes the G1 handset so attractive to hackers is the open availability of the Android Software Development Kit (SDK). This is the compromise of control that MOPS providers such as Google Android, Symbian, Microsoft Mobile, and others have to contend with as they continue to migrate toward an open source environment.
What happens when you put the SDK for a Mobile Operating System (MOPS) in the hands of hackers? Unfortunately, we are just beginning to find out. With unprecedented hacker access to these MOPS the reality of industry-wide mobile security threats is no longer a question “if” but when.
Your friend in mobile security,
Eric Everson
Founder, MyMobiSafe.com
Previous
