G1 security flaw found, Google says it is fixed
Days after T-Mobile's G1, the first phone to run on Google's Android platform, became commercially available, security researchers found what they deemed a serious security flaw in the phone's software. However, Google says the flaw in its Android platform has been fixed.
Charles Miller, a principal security analyst at Independent Security Evaluators in Baltimore, and other researchers found the flaw, which affects the phone's web browser. Miller said that malicious code could log keystrokes when users visit websites.
Google said the problem had been fixed and is working with HTC, the maker of the phone, and T-Mobile USA to send the patch to current customers. Google also said the security system of the phone would limit any malicious intruder to a single application, unlike other smartphones.
"We wanted to sandbox every single application because you can't trust any of them," said Rich Cannings, a Google security engineer, in the article.
On Tuesday, T-Mobile released an updated statement regarding the situation. "Google has created a browser software patch for Android," the statement said. "T-Mobile began the staged roll-out of the solution to our customers' T-Mobile G1 phones on Monday night, via an over-the-air update."
- see this article
- see FierceWireless' G1 unboxing