Android vulnerability neutralised

May 24, 2012
Android vulnerability neutralised

Smart phones and tablet computers - once the latest must-have devices for technology geeks - are becoming increasingly more popular with the mainstream. The Android platform is now one of the most popular platforms with over 300 million Android devices in use since February and 700 000 devices being activated with each passing day. One of its main attractions is the open source software that allows a huge community of program developers to write applications. But with so many people contributing to this innovation, the operating system is open to bugs and security holes. In a new study, however, researchers in Italy may have neutralised any potential problems.

Researchers from the Bruno Kessler Foundation, the University of Genoa, Telematic University E-Campus and the University of Padua in Italy embarked on their project with one idea in mind: to revolutionise the way ICT systems and applications are designed, implemented, deployed and consumed. They foresee an Internet of Services (IoS) whereby business functionalities are designed and implemented by producers, deployed by providers, aggregated by and used by consumers. This, they say represents a major mind shift in the way programs and applications are traditionally developed; these would be built by composing services that are distributed over the network and aggregated and consumed at run-time in a demand-driven, flexible way.

In applying and developing their new methodology the researchers discovered a major susceptibility present in all versions of Android, a popular operating system developed by Google - famous for its search engine, specifically for and tablet computers. This, they say, could very well have been exploited by applications. Some malicious software (malware) have the ability the ability to "brick" devices, what experts describe as a device that can no longer be used and is about as useful as a brick.

Once the weakness in the platform was found the researchers immediately reported it to and to the Android security team as well as providing them with a detailed analysis of related risks. Once they made their report they then went one step further and designed a solution to the risk which was then verified by the security team of Android. The researchers hope that once its effectiveness is proven it will then be adopted in a future operating system update.

If the team had not acted as they did, the weakness could have allowed malicious application software to saturate the physical resources of the device, leading to complete blockage of both Android-based smart phones and . The problem with malware is its insidiousness because these applications do not require any authorisation during installation and would appear harmless to the user until it is too late.

The result compiled by the Italian research team will be published during the proceedings of the 27th IFIP International Information Security and Privacy Conference - SEC 2012, which will be held in Heraklion, Crete, Greece, on June 4-6, 2012.

Explore further: Singapore moves to regulate taxi booking apps

More information: www.spacios.eu/

add to favorites email to friend print save as pdf

Related Stories

Staggering surge in Android gadget viruses: Juniper

Nov 16, 2011

The arsenal of malicious code aimed at Android-powered gadgets has grown exponentially, with criminals hiding viruses in applications people download to devices, according to Juniper Networks.

Cybercriminals target phones, Android 'most exposed'

Feb 29, 2012

Cybercriminals are sneaking a fast-increasing amount of malware into smartphones to steal data or even money, with those running on Google's Android most exposed to security threats, analysts said.

Recommended for you

Singapore moves to regulate taxi booking apps

Nov 21, 2014

Singapore on Friday announced new rules for mobile taxi booking apps, including US-based Uber, in the latest move by governments around the world to regulate the increasingly popular services.

Protecting personal data in the cloud

Nov 20, 2014

IBM today announced it has patented the design for a data privacy engine that can more efficiently and affordably help businesses protect personal data as it is transferred between countries, including across private clouds.

Gift Guide: Dragons, aliens, heroes for the gamer

Nov 19, 2014

Sony's PlayStation 4 video-game console has built an impressive lead over its competitors. That's good news for holiday shoppers because it has driven Microsoft and Nintendo to offer more budget-friendly ...

User comments : 1

Adjust slider to filter visible comments by rank

Display comments: newest first

dan42day
1 / 5 (1) May 25, 2012
Now if only they could solve the main weakness of the android platform, the fact that Google is eagerly tracking everything you do.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.