Patched Froyo security flaw resurfaces in Gingerbread

The notorious security flaw in Android 2.2‘s stock Internet browser, which allows remote access of files on your SD card to rogue websites, hackers and attackers who know the file path, has been patched on Android’s new Gingerbread version of the OS. This would have been a boon to the little green man’s acceptance by business as a mobile solution, as Android pales in┬ácomparison┬áto other operating systems — namely BlackBerry — in terms of security.

That is, it would have been a boon had somebody not already figured out a different security flaw in Gingerbread‘s browser. But that’s not the case. Before version 2.3 even hits the market, somebody’s already gone and worked their way around the patch.

It doesn’t look very good on Google to say the least. On the other hand, it’s not exactly a life-threatening problem, either.

All the flaw means is that, should you go to a website designed to download your files from your SD card specifically by name and click the link that sets that bit of javascript in motion, somebody’s going to have your pictures. None of your personal information is stored on the SD card unless you put it there. So, simply don’t do that and you’re golden.

If Google were to allow users to encrypt all the data stored on their Android devices, that would be an easy way to avoid the shock their reputation’s going to take from this. Unfortunately, we’ve heard no word on whether that’ll become a reality as of yet.

For now, if you’re feeling iffy about somebody building a site to steal copies of your shaky, low-res cell phone photos or any of your MP3s, simply rename every file and folder on your SD card to impossibly unique names, stop browsing unprofessional-looking websites, or download a different browser app like Skyfire.

Problem solved.


Posted in: Uncategorized

Leave a Comment