Android OS Found to Have 359 Defects in Source Code
How is this for a shocker? Google’s Android OS has just undergone a thorough screening by security analyst Coverity and the company found an average of 0.47 defects per 1,000 lines of code. These defects end up totaling to 359, with 88 of them being classified as “high risk.” Coverity tested the Android kernel running on the HTC Droid Incredible for this, but presumes that while manufacturers tweak the kernel from phone to phone, many of the problems exist across devices.
Interestingly, while the 0.47 defect per 1,000 lines of code average was below the “industry average” of 1 per 1,000 (kind of scary isn’t it?), the Android specific parts of the kernel (which as we all know are mostly Linux) averaged out to 0.78 defects per 1,000 lines of code. That is a lot of techno mumble jumble but the fact that those 88 high risk security threats included things like memory corruption and you have a recipe for some skilled programmers to tear apart the code behind Android and start a wave of malicious software. That is why Coverity is releasing its full findings to Google and friends 60 days before it releases them to everyone else. Hopefully they can patch them up by then.
This make you rethink how secure your smartphone actually is? Even the famous BlackBerry, with its complex encryption software is vulnerable to attacks to the device itself. Our personal electric devices have never known more about us and yet the level of security on them looks to be wide open. Remember that web-based jailbreak for iOS earlier this year? Had a malicious hacker found it first, they could have used it to completely take over someone’s iPhone in seconds.
It is obvious that smartphone makers and operating system companies start paying closer attention to the security of their smartphones. We live in a digital age where what information you have stored in your email can be worth more than what a thief could nab from your house. The hackers can sit behind foreign borders and operate with impunity. I don’t know if the solution to the problem is smartphone anti-virus and security software or these companies getting their heads in the game but whatever is the best fix needs to be done. Then again, how many of us really want to have to run anti-virus software on our phones. That just sounds crazy doesn’t it?HTC Droid Incredible, Android, security, Linux