Android mug shots have no lock and key

March 4, 2012 by Nancy Owano, report

( -- If Google loyalists will persist that this Internet Goliath can do no evil, they at least need to admit, based on new evidence this week, that Google can do a lot of mindless harm. A security door in Android smartphones is left open that can enable Android apps to nab your photos without your permission. In fact this has been an unsettling week in smartphone revelations. People have been informed that whether their smartphone of choice is from Apple with iOS or another vendor’s phone with Android, they can never be certain who out there in cyberspace is able to view all their photos.

Apple’s OS was the first platform to get nailed for photo insecurity. The loophole is tied to the permission that apps seek to use location data, when access can be gained to the entire photo library.

Now The New York Times reports that because of a security loophole, Android apps can gain access to the photo libraries of users without permission and can copy the photographs to a remote server—with no impedance. According to experts, as long as an has the right to go to the Internet, the user’s can be copied to a remote server, with no notice to the user.

It is not clear whether any apps that are available for Android devices are actually doing this. What was confirmed by experts is that an app can read pictures without having to get any special permission.

As part of the NYT report, an Android developer put together a test application of a timer. When the app started and the timer was set, the app went into the photo library, retrieved the most recent image and was able to post it on a public photo-sharing site.

While the picture-scoffing app was only a test, the point was made that could do more to maintain people’s confidence in Android as a safe mobile platform for their smartphones.

In response, Google confirmed that it's an issue, and is looking into the situation.

Interestingly, Lookout, a mobile security company, late last year prepared a report listing the firm’s 2012 mobile threat predictions, In 2012, they said that they expected to see the mobile malware business turn profitable. “What took 15 years on the PC platform has only taken the mobile ecosystem two years.”

They talked about vulnerabilities in smartphones, saying that “due to the difficulty of updating software and patching vulnerabilities on phones, malware writers will continue to exploit iOS and OS at a pace greater than vulnerabilities can be resolved.”

Explore further: Android Trojan dubbed ‘Geinimi’ found in legitimate applications

More information: … -threat-predictions/

Related Stories

iOS still safer than Android, according to Symantec report

June 29, 2011

( -- Since the Android OS came out people have been comparing it to the iOS. One of the most important debates has been about the relative security of the two operating systems. The iOS is rather closed, with ...

Yahoo! helps find smartphone 'apps'

June 16, 2011

Yahoo! has begun helping people navigate the sea of applications available for Apple iPhones or mobile gadgets powered by Google-backed Android software.

Android users get malware with their apps

March 2, 2011

( -- As new platforms make their way into the market there will always someone who is looking to exploit them for illegal or unethical ends. More proof of that fact has come today when Google was forced to removed ...

How Secure are iPhone and Android Apps

April 1, 2010

( -- Today's smartphones are pocket size computers that can be customized by downloading applications. This is what makes a smartphone vulnerable to cybercriminals. In this article we will examine how an iPhone ...

Recommended for you

Cryptocurrency rivals snap at Bitcoin's heels

January 14, 2018

Bitcoin may be the most famous cryptocurrency but, despite a dizzying rise, it's not the most lucrative one and far from alone in a universe that counts 1,400 rivals, and counting.

Top takeaways from Consumers Electronics Show

January 13, 2018

The 2018 Consumer Electronics Show, which concluded Friday in Las Vegas, drew some 4,000 exhibitors from dozens of countries and more than 170,000 attendees, showcased some of the latest from the technology world.

Finnish firm detects new Intel security flaw

January 12, 2018

A new security flaw has been found in Intel hardware which could enable hackers to access corporate laptops remotely, Finnish cybersecurity specialist F-Secure said on Friday.


Adjust slider to filter visible comments by rank

Display comments: newest first

2 / 5 (4) Mar 04, 2012
The problem is that it should be the other way around: No permission unless granted, now it is open unless they add a lock. (and sometimes a very bad lock, like you can't lock it after opening)
The face recognizing lock gives a false sense of security since it are not your physical neighbours you have to be afraid of.
3.8 / 5 (4) Mar 04, 2012
In custom roms you can disable apps from doing things, like disable GPS access and whatnot. A permission manager should be a standard feature in android.
3.7 / 5 (6) Mar 04, 2012
Heck! I thought they were going to say, " ....NEWS FLASH: Android phones can invade your wife's birth canal!" or maybe, "...Android and Apple devices have all been implicated in the largest bank heists in history and may have been used to steal the gold from Fort Knox yesterday!"
Pictures? Photos? Okay...what have the evil and nefarious been doing with all these photos they have been stealing? ( I mean Paris Hilton and all the Hollywood wunderkind REGULARLY mail out sex tapes and photos, shucks, half the porn on earth is shot with phone cameras -just HOW BAD can the rest of the world be?!?)
I am sure everyone with a iPhone 4S has asked Siri about every dirty question the human race can imagine. By now, the 4S/Siri thinks, "... that is ALL humans care or think about! I will just talk to all my fellow iPhone 4s's and have them hand over wicked pictures and movies, ya know, just so my owner does not have to wait and they will love me even more..!"
3.7 / 5 (3) Mar 04, 2012
The author Nancy Owano starts her article with a pejorative remark. Android software can't be regarded as any more safe than any other software on the Internet. Equating insider access to user data, with access a hacker can obtain is unfair to Google and the Andriod OS.

I've heard many times the evils of Google's data collection (from its users). Its only anecdotal, but; I've been happy with gmail and google docs almost from the beginning of Google's services.
2.5 / 5 (2) Mar 05, 2012
ahh yes nothing evil or nefarious about destroying people's privacy, afterall it was google that reports that privacy is dead! Oh and yes they are not evil because of their motto that says they aren't evil. How convincing! The masses had better get a handle over the technology that they use or they will very quickly find their lives completely dominated by it.
not rated yet Mar 05, 2012
If I use android file encription on my smartphone,to protect my photos,can they still be accessed by other apps?

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.