Featured Research

from universities, journals, and other organizations

Android vulnerability debugged

Date:
April 12, 2012
Source:
Fondazione Bruno Kessler
Summary:
Researchers have discovered and neutralized a serious vulnerability present in all versions of Android, the popular operating system developed by Google specifically for smartphones and tablet computers. The vulnerability could have been easily exploited by malicious software applications, with the effect of making devices based on Google's operating system currently on the market completely unusable.

A group of Italian researchers have discovered and neutralized a serious vulnerability present in all versions of Android, the popular operating system developed by Google specifically for smartphones and tablet computers. The vulnerability could have been easily exploited by malicious software applications, with the effect of making devices based on Google's operating system currently on the market completely unusable. The solution proved to be effective and will be included in a future update.

The work was conducted by researchers working in various Italian universities and research centers: Prof. Alessandro Armando, Head of the "Security & Trust" Research Unit at the Bruno Kessler Foundation in Trento and coordinator of the DIST's Artificial Intelligence Laboratory at the University of Genoa, prof. Alessio Merlo (Telematic University E-Campus), Prof. Mauro Migliardi (coordinator of the Green Energy Aware Security at the University of Padua) and Luca Verderame (recent graduate in Computer Engineering at the University of Genoa).

The team of researchers promptly reported the vulnerability to Google and to the Android "security team," providing a detailed analysis of related risks. It also designed a solution that was verified by the security team of Android, and that -- given its effectiveness -- will be adopted in a future operating system update.

If it had not been neutralized, the vulnerability discovered by the Italian team would have allowed a malicious application software (malware) to saturate the physical resources of the device, leading to complete blockage of both Android-based smartphones and Tablet computers. An especially insidious problem because this particular application does not require any authorization during installation and would tend to appear harmless to the user.

This research will be published on the proceedings of the "27th IFIP International Information Security and Privacy Conference -- SEC 2012" (Heraklion, Crete, Greece, June 4-6, 2012).

Technical Information

The identified vulnerability is based on a defect in the control of communication between applications and vital components of Android that allows to systematically exhaust the memory resources of the device by the generation of an arbitrarily large number of processes. The fundamental principle of the security of Android is the total separation between the applications (sandboxing) to ensure that each of these cannot affect in any way the operation of the others. The team of Italian researchers showed that this separation is violated in current systems and indicated the solution to be able to restore it.


Story Source:

The above story is based on materials provided by Fondazione Bruno Kessler. Note: Materials may be edited for content and length.


Cite This Page:

Fondazione Bruno Kessler. "Android vulnerability debugged." ScienceDaily. ScienceDaily, 12 April 2012. <www.sciencedaily.com/releases/2012/04/120412105436.htm>.
Fondazione Bruno Kessler. (2012, April 12). Android vulnerability debugged. ScienceDaily. Retrieved July 24, 2014 from www.sciencedaily.com/releases/2012/04/120412105436.htm
Fondazione Bruno Kessler. "Android vulnerability debugged." ScienceDaily. www.sciencedaily.com/releases/2012/04/120412105436.htm (accessed July 24, 2014).

Share This




More Computers & Math News

Thursday, July 24, 2014

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services

Creative Makeovers for Ugly Cellphone Towers

Creative Makeovers for Ugly Cellphone Towers

AP (July 24, 2014) Mobile phone companies and communities across the country are going to new lengths to disguise those unsightly cellphone towers. From a church bell tower to a flagpole, even a pencil, some towers are trying to make a point. (July 24) Video provided by AP
Powered by NewsLook.com
Robot Parking Valet Creates Stress-Free Travel

Robot Parking Valet Creates Stress-Free Travel

AP (July 23, 2014) 'Ray' the robotic parking valet at Dusseldorf Airport in Germany lets travelers to avoid the hassle of finding a parking spot before heading to the check-in desk. (July 23) Video provided by AP
Powered by NewsLook.com
Facebook Earnings Put Smile on Investors Faces

Facebook Earnings Put Smile on Investors Faces

Reuters - Business Video Online (July 23, 2014) Facebook earnings beat forecasts- with revenue climbing 61 percent. Bobbi Rebell reports. Video provided by Reuters
Powered by NewsLook.com
StubHub Caught in Global Cyber Crime Ring

StubHub Caught in Global Cyber Crime Ring

Reuters - Business Video Online (July 23, 2014) eBay's StubHub is caught up in an international cyber crime ring stretching from North America to Europe. Conway G. Gittens reports. Video provided by Reuters
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:

Breaking News:
from the past week

In Other News

... from NewsDaily.com

Science News

    Health News

      Environment News

        Technology News



          Save/Print:
          Share:

          Free Subscriptions


          Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

          Get Social & Mobile


          Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

          Have Feedback?


          Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
          Mobile: iPhone Android Web
          Follow: Facebook Twitter Google+
          Subscribe: RSS Feeds Email Newsletters
          Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins