[Note]: Figured I’d put this here instead of cluttering the comments up even more. I did originally make the mistake of saying that Google’s .47 flaws per 1,000 lines of code were well “above” the average of 1.0. I acknowledged it and corrected it. No, I’m not dumb, I’m just human. Also, I omitted the portion of The Register’s report where they stated Android was still the most secure open platform. I chose not to entertain that anecdote considering Android is the only open mobile operating system of noteworthy mention, and it’s not fair to compare it to a distribution for desktop and laptop computers which I imagine are much larger in scope.
These days, it seems there isn’t a month that goes by without a security firm pointing out some potential flaws in Android. This time, Coverity – based out of San Francisco – has gone deep into the Android source code and come up with some interesting numbers. Per every 1,000 lines of code, .47 defects were found. That’s well below the average of 1.0, with the overall number of flaws found totaling 359.
Instead of releasing their full breakdown right away, they’re giving Google, OEMs, and carriers 60 days to obtain it and take a look for themselves, after which they’ll release it to the public. The study was only done on a lone HTC Droid Incredible, but the number of bugs probably won’t vary much, as kernels tend to be similar from phone to phone.
Until they release the report, it’s hard to tell which of these potential flaws can truly be exploited for malicious purposes, but should anyone attempt to violate the trust of Google and the Android Market, we know Google has a nice kill switch just waiting to be flipped.
[via The Register]