Is security a setback in Android Ecosystem; Every day and any day there is a security attack on the operating system one of the latest being the exposed vulnerability being noticed in the Samsung Galaxy S3.
The issue was reportedly up by some users earlier, the issue was found in the Samsung proprietary software for data syncing that is Samsung Kies.
The issue was found when any user was using the Sync and update tool. Whenever user performs Sync and updates an allowance is made to the malicious apps to get installed on the phone without any notification.
There was even a blog post which identified that legitimate apps like Angry Birds Cheat, Japanese squid girls etc. After the apps were getting downloaded it contained a method to hijack the “installed_packages” permissions found inside Samsung kies app.
From that point of time the application got permission to download as many other malicious apps as possible throughout without notification.
This was a serious block hole found in the device which can be fixed by adding few java lines in the main source. This exploit was discovered by pentester who only gave the workaround for the attack.
According to him this exploit comes pre-installed to the user’s device thanks to the custom UI by the OEM. This is not a serious exploit and can be easily patched with a software update any big names like Lg, Htc, Samsung can eaily Release OTA for the patch. But the question arises that is Custom UI killing Android Experience.
We will be waiting to hear your thoughts. Please share your views with us.