Adobe Flash Zero Day Puts Android Smartphones at Risk

Discussion in 'Community Discussion' started by Dainin, Sep 14, 2010.

  1. Dainin macrumors regular

    Joined:
    Sep 4, 2009
    #1
  2. yg17 macrumors G5

    yg17

    Joined:
    Aug 1, 2004
    Location:
    St. Louis, MO
    #2
    It means nothing for Android. It'll be fixed and forgotten about, just like all of the thousands of other exploits that have been found and patched in software since the beginning of computing. And before anyone says "ZOMG LOL ANDROID SUXORZ!" let's not forget about the iPhone PDF exploit.
     
  3. r.j.s Moderator emeritus

    r.j.s

    Joined:
    Mar 7, 2007
    Location:
    Texas
    #3
    ^^^ I agree. It means nothing for Android, since it applies to any platform with Flash.

    It does continue to show why Flash is a problem that needs to be phased out.
     
  4. Dainin thread starter macrumors regular

    Joined:
    Sep 4, 2009
    #4
    I agree that this will be fixed, and forgotten about. But lets say that you visit a webpage on your android phone and get infected. There are exploits in the wild. Adobe releases an update to fix the exploit. Adobe is fixed, but your phone is still infected. Where does that leave you? How would you know you have been infected and take steps to remove it?
     
  5. yg17 macrumors G5

    yg17

    Joined:
    Aug 1, 2004
    Location:
    St. Louis, MO
    #5
    Same can be said about the iPhone PDF exploit. You don't know. That comes along with the territory of owning a computer.
     
  6. Dainin thread starter macrumors regular

    Joined:
    Sep 4, 2009
    #6
    Perhaps I should clarify my point a bit further.

    Lets say my iphone got infected by the PDF exploit, I instlled 4.0.2 and anything malicious that has been installed is now gone (I should assume, seeing as you would lose your jailbreak which came through the PDF exploit). Problem solved by updating firmware.

    In the case of a vulnerability like this, where the application is patched, your mobile OS is left however it was.
     
  7. redscull macrumors 6502a

    redscull

    Joined:
    Jul 1, 2010
    Location:
    Texas
    #7
    **Fixed.

    Seriously. In my 15 years of serious computing, the only virus I ever got on my wholey unprotected Windows PCs was thanks to a bug in Adobe's Acrobat Reader. And as a Flex (Flash) developer, I can tell you their codebase is not very clean.

    I loved when Steve Jobs denounced Adobe and Flash on iOS, and I'm disappointed that he's backing off that some now. I hope that any apps made with external toolkits have a clear label in the App Store identifying that fact.
     
  8. Rodimus Prime macrumors G4

    Rodimus Prime

    Joined:
    Oct 9, 2006
    #8
    That could easily of been prevent with an exploit. It would not be hard to do. Since they have full access to the phone they could easily disable any way for you to update and hell they could have it report a false version number back to the computer making getting an update very hard.
    Or worse complete disable its ability to sync with iTunes making it complete impossible to update.
     
  9. macquariumguy macrumors 6502a

    Joined:
    Jan 7, 2002
    Location:
    Sarasota FL
    #9
    The great thing about that is everyone whose phone was "exploited" did it to themselves, on purpose, for jailbreaking.
     
  10. Rodimus Prime macrumors G4

    Rodimus Prime

    Joined:
    Oct 9, 2006
    #10
    No that page on jailbreakme.com gave you the option to take advantage of that website. Others could just have a link that automatically download it as soon as you went there and no real way to stop it.
     

Share This Page