Skip to main content

Android littered with security flaws, says report

Programming errors in Google's Android operating system could be leaving users' data wide open to attacks by hackers, a study has revealed.

UK newspaper the Financial Times reports that an advance summary of a report it received from code analysts Coverityreveals that the OS suffers from 88 "high risk" defects that have "significant potential to cause security vulnerabilities, data loss, or quality problems such as system crashes".

According to the study, which is due to be published on Tuesday, the programming errors could allow hackers easy access to email messages and other confidential data.

Coverity's research was carried out using the publicly-available version of the kernel for Android 2.2 installed on HTC's Droid Incredible phone, but its writers suggest that similar security flaws could exist in other Android handsets.

The discovery will not be welcomed by the developers of Google's open-source Android platform, which has struggled to find favour within business and government. Many organisations have stuck with competitor Research In Motion's BlackBerry devices, which have a reputation for security.

But with recent figures from market research outfit Nielsen showing Android making the biggest in-roads into the US mobile market, pressure will increase on developers to patch any perceived holes before they are widley exploited.

Coverity has passed on details of the flaws to Google and the Droid Incredible handset's maker, HTC.

The analyst firm's co-founder, Andy Chou, said he planned to make the details of the errors public in around two months.

"We want them to fix the problems," Chou said. "We are trying to follow the model for responsible disclosure."