{"id":4778,"date":"2010-11-11T16:08:31","date_gmt":"2010-11-11T20:08:31","guid":{"rendered":"http:\/\/www.schollnick.net\/wordpress\/?p=4778"},"modified":"2010-11-11T16:09:10","modified_gmt":"2010-11-11T20:09:10","slug":"google-pulls-app-that-revealed-android-flaw-issues-fix-insecurity-complex-cnet-news","status":"publish","type":"post","link":"http:\/\/www.schollnick.net\/wordpress\/2010\/11\/google-pulls-app-that-revealed-android-flaw-issues-fix-insecurity-complex-cnet-news\/","title":{"rendered":"Google pulls app that revealed Android flaw, issues fix"},"content":{"rendered":"<blockquote><p>Google pulled an app from the Android marketplace that was created to illustrate a flaw in the mobile framework that allowed apps to be installed without a user&#8217;s knowledge. It then issued a fix for bug.<\/p>\n<p>Jon Oberheide, chief technology officer of Scio Security, created a proof-of-concept app disguised as an expansion for the popular Angry Birds game. After the app was downloaded, three additional apps were installed without the user&#8217;s knowledge that had permission to perform malicious activities but were benign, he told CNET in an interview.<\/p>\n<p>Oberheide and Zach Lanier, a senior consultant at Intrepidus Group, were scheduled to present their research on the Android vulnerability at Intel&#8217;s annual internal security conference in Hillsboro, Ore., today.<\/p>\n<p>Before they got a chance to give their presentation, Google pulled the app, according to Oberheide. The company also began rolling out a fix for the issue, which applies to all Android devices, a Google spokesperson said in an e-mail late yesterday.<\/p><\/blockquote>\n<p>Read more about it here &#8211; \u00c2\u00a0<a href=\"http:\/\/news.cnet.com\/8301-27080_3-20022545-245.html?part=rss&amp;subj=news&amp;tag=2547-1_3-0-20\">Google pulls app that revealed Android flaw, issues fix<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Google pulled an app from the Android marketplace that was created to illustrate a flaw in the mobile framework that allowed apps to be installed without a user&#8217;s knowledge. It then issued a fix for bug. Jon Oberheide, chief technology officer of Scio Security, created a proof-of-concept app disguised as an expansion for the popular <a class=\"read-more\" href=\"http:\/\/www.schollnick.net\/wordpress\/2010\/11\/google-pulls-app-that-revealed-android-flaw-issues-fix-insecurity-complex-cnet-news\/\">[&hellip;]<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0},"categories":[23,25,35],"tags":[121,1838],"_links":{"self":[{"href":"http:\/\/www.schollnick.net\/wordpress\/wp-json\/wp\/v2\/posts\/4778"}],"collection":[{"href":"http:\/\/www.schollnick.net\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.schollnick.net\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.schollnick.net\/wordpress\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.schollnick.net\/wordpress\/wp-json\/wp\/v2\/comments?post=4778"}],"version-history":[{"count":0,"href":"http:\/\/www.schollnick.net\/wordpress\/wp-json\/wp\/v2\/posts\/4778\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.schollnick.net\/wordpress\/wp-json\/wp\/v2\/media?parent=4778"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.schollnick.net\/wordpress\/wp-json\/wp\/v2\/categories?post=4778"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.schollnick.net\/wordpress\/wp-json\/wp\/v2\/tags?post=4778"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}<!-- WP Super Cache is installed but broken. The constant WPCACHEHOME must be set in the file wp-config.php and point at the WP Super Cache plugin directory. -->