But it’s open! Part XIV.

In today’s installment of crazy stuff from Mountain View: Aaron Souppouris for The Verge reports:

How an Android app could transmit your personal data without any permissions

Choice cuts:

The CoolIris Android gallery, the stock gallery app used in many devices running Android 2.1 – 2.3, has been found to store unencrypted copies of complete addresses that could theoretically be accessed and transmitted by a malicious app with no system permissions. The issue came to light when we started investigating a security issue in Android found by Paul Brodeur from Leviathan Security Group. Brodeur created an app named No Permissions which highlights flaws in Android’s permission system that would allow an app to access your data.

Over 90% of all Androids run on these versions. I’m sure Google and the carriers will get right on that.

Google declined to comment on any of the issues mentioned in this report.



Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s