Linked by Thom Holwerda on Fri 5th Jul 2013 13:59 UTC, submitted by bowkota
Privacy, Security, Encryption "Researchers said they've uncovered a security vulnerability that could allow attackers to take full control of smartphones running Google's Android mobile operating system." So, how bad is this? Can anybody with knowledge of Android's inner workings explain?
Permalink for comment 566366
To read all comments associated with this story, please click here.
RE: Its about non Play store apps
by WereCatf on Fri 5th Jul 2013 14:42 UTC in reply to "Its about non Play store apps"
WereCatf
Member since:
2006-02-15

No, this is a risk for Google Play - apps, too: it has been shown multiple times that the heuristics that Google uses to detect malign code is easy to fool, so you could make a legitimate app and publish it on Google Play, but add a payload there that adds itself to any and all of your currently-installed applications. Then, even if the user removed the app with the payload the system would still be hosed and the only way to fully remove the payload would be a complete system format and a clean install from a firmware image.

Basically this is a "Oh f--k!" - moment for Android.

Edited 2013-07-05 14:42 UTC

Reply Parent Score: 2