T-mobile's new Google phone, which was released last Wednesday for sale to consumers as an alternative to the I-Phone, is found to have a serious security flaw. This flaw will effect both the people who own Google phones, as well as consumers considering purchase. Although the Google phone has improved security by compartilizing applications so that one breach cannot cause too much harm, the flaw lies in the web-browser application included in the phone. The web-browser does not protect against viruses that can be installed just one time, but can remain on the phone forever. For instance, a person with one-time access to the phone can install a program that will record the key strokes that a user inputs. This means that passwords, as well as personal information such as credit card numbers could be stolen.
There is also some controversy as to whether or not this flaw should have been revealed, as companies are generally given some time to fix flaws before the are publicized. I believe that it is best that this flaw was pointed out, especially since now people are able to avoid entering sensitive information into the web browser. If it was kept quiet, people could have been attacked without even knowing there was a risk. I believe that this could be a huge security threat if it is not fixed. People buy the phones, in large part, because of the ability to connect to the Internet, and many could be at risk.
Take a look at the article: http://www.nytimes.com/2008/10/25/technology/internet/25phone.html?_r=1&ref=technology&oref=slogin
Sunday, October 26, 2008
Subscribe to:
Post Comments (Atom)
Posts
Right off the bat, I would guess that the majority of smart phone users are unaware of the threats (similar in many cases to those of personal computer users) that accompany internet access. So I completely agree that it was to the consumer's benefit that this risk was pointed out. If a hacker has the ability of recording your keystrokes, then what is stopping him/her from accessing your on-line bank account or similar personal/financial data (such as marketplace sites like amazon.com).
ReplyDeleteHowever, from the sounds of it, Google has done a good job of "partitioning" their applications and programs, which will hopefully mitigate the security threat.
Regardless, with new technology comes new opportunities for hackers to do what they do best; this exploit does not come as a surprise.
I agree with both of you. As a consumer, I would appreciate being told of potential risks as I am buying the phone. Even if I was not technology savvy, just knowing about what could happen would be a huge help. Knowing these things could help the user be more aware and be able to protect himself or herself from attacks.
ReplyDelete