Wednesday, November 24, 2010
Android browser allows data theft
A simple link allows an attacker to steal user data from your Android phone!
Thomas Cannon discovered this and explains here
I got the news here:
Android vulnerability permits data theft on heise.de
und die deutsche Version dazu:
Android-Lücke ermöglicht Datenklau
Compared to the whole rest of bugs and problems I consider this a severe flaw since most of us use the good and slim default browser. No rooting no dialog box, nothing but an URL is needed to make this work. This will not become widespread but provides an excellent example how all devices can be tricked by consequently accessing it's "features"
We'll all track, how Android providers handle this problem. No paranoia please, my next few phones will feature Android for sure, seeing how thin the membrane protecting personal data can become (for a limited time) is impressive though.