Fascinating study (PDF) by a group of computer scientists at North Carolina State University. They found that some apps pre-installed on eight popular Android phones opened security vulnerabilities that could be exploited by malicious programs and hackers.
The paper has been summarized by Ars Technica, Android Phone Fans and a few others but maybe with not quite enough precision. Of the eight phones tested, Google's two flagships, the Nexus One and Nexus S, came through almost unscathed (one minor security leak). But the additional software and apps that phone makers HTC, Motorola and Samsung added left their handsets much more vulnerable. HTC really brought up the rear with 10 vulnerabilities on its EVO 4G phone and eight each on the Legend and Wildfire S.
This situation should provide a good case study of how well various players in the Android ecosystem respond to security threats. The NC State study wasn't even testing the most current OS versions for all of the phones. My Nexus S runs 2.3.6 versus the study phone running 2.3.3. I've defended Android in the past against overblown and inaccurate security critiques. Let's see if the Android makers get good or bad marks this time around.
Posted from WordPress for Android