More Than A Billion Android Devices Vulnerable To Pileup Attack!

News broke this week that researchers at the University of Indiana and Microsoft had identified a vulnerability in the Android operating system that is suspected of affecting more than one billion Android devices already deployed into the market, and any future ones pending the release of a fix to this issue. For more read here (http://www.efytimes.com/e1/fullnews.asp?edid=133634)

A simple summary of the attack shows that an app downloaded by a device owner could contain bogus permissions that are simply ignored by the operating system, however if those permissions reflect features that eventually become available in a future version of Android then the permissions become active even though you as the device owner never specifically granted those permissions. What this could mean is that the app now has access to information or resources that you never intended it to have.

Of course, this attack does require that you download and install the app with these malicious permissions and perform a system update with a reboot of the device. Given that only 34% of device owners actually read the privacy policies of downloaded apps there is a strong likelihood that this type of app will make it onto a great many devices. Now specifically what the app will eventually do is up to the app and the future of Android capabilities.

At this time there is no Android fix to this issue but we expect that it will be dealt with quickly in the next Android update. If you are on an unlocked device and have control over your Android updates this is certainly good news. If you are on a device that receives infrequent updates then you are out of luck and must simply be far more diligent and watchful of the apps that you download.

However, if you are a Secure Spaces user you can rest far more comfortably. Secure Spaces divides an Android device up into "Spaces", like rooms in your house, so that you can place certain apps and data into one Space and keep them completely separate from the apps and data in another Space. So if you did download one of these apps and placed it into an isolated Space without any contacts, email accounts, Google accounts, or other sensitive information then there is very little harm that can come from the app. Secure Spaces is a consumer solution that gives the consumer control over how they want their device configured and how apps can, or can't interact with their data, like an app quarantine. Secure Spaces is ideal for consumer privacy, BYOD initiatives, device sharing with friends and family and mobile marketing initiatives.