Feeds

Android kernel leaks like a colander

359 defects, 88 high risk

High performance access to file storage

Security analysts at Coverity reckon the Android kernel is riddled with security holes, though they still rate it as twice as good as most open-source projects.

Taking the source code from the HTC Incredible, Coverity found .47 defects per 1,000 lines of code, compared with an industry average of 1 per 1,000. That totalled 359 defects, with 88 of those being high-risk items such as memory corruption, memory leaks and uninitialised variables. Buut Coverity won't be providing any details until the end of the year.

The company discovered the flaws though automated analysis of the source code, and will, in the name of responsible disclosure, provide early access to "the Android security team, OEMs, and security researchers" so they can apply fixes, or create proof-of-concept attacks, before the details go public in 60 days.

Until then, we're left to speculate what proportion of those bugs exist across Android kernel implementations – and how many could be usefully exploited for fun and profit. Manufacturers tweak the Android kernel to suit their hardware. The team only picked the HTC Incredible because they happened to have one handy, but the commonality of chip sets in Android handsets makes it likely the majority of flaws are common too.

Exploiting those flaws is another matter entirely. One can imagine a stack overflow allowing an application to break out of the sandbox security, but such an application would likely be quickly identified and (if distributed via the Marketplace) subsequently removed. It's possible that more-easily-exploited flaws exist too, but hopefully they'll be fixed before Coverity goes public.

Being open to scrutiny is one of the advantages of being open source, so this is no reason to trust your Android handset any less, and if you fancy yourself as a security researcher then drop Coverity a line to get more details. ®

SANS - Survey on application security programs

More from The Register

next story
Virgin Media so, so SORRY for turning spam fire-hose on its punters
Hundreds of emails flood inboxes thanks to gaffe
A black box for your SUITCASE: Now your lost luggage can phone home – quite literally
Breakfast in London, lunch in NYC, and your clothes in Peru
AT&T dangles gigabit broadband plans over 100 US cities
So soon after a mulled Google Fiber expansion, fancy that
AT&T threatens to pull out of FCC wireless auctions over purchase limits
Company wants ability to buy more spectrum space in auction
Google looks to LTE and Wi-Fi to help it lube YouTube tubes
Bandwidth hogger needs tube embiggenment if it's to succeed
Turnbull gave NBN Co NO RULES to plan blackspot upgrades
NBN Co faces huge future Telstra bills and reduces fibre footprint
NBN Co plans fibre-to-the-basement blitz to beat cherry-pickers
Heading off at the pass operation given same priority as blackspot fixing
NBN Co in 'broadband kit we tested worked' STUNNER
Announcement of VDSL trial is not proof of concept for fibre-to-the-node
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.