Six Months and Counting: Critical SMS Bug in Android Goes Unpatched No Comments
*** Update ***
It seems after an intense amount of feedback, Google has elevated the priority of this flaw to critical.
Just a heads up for those of you with Android based smartphones.
A bug has been lodged with Google back in June 2010 regarding a bug in the sending of SMS from an Android device. Essentially, a user sends an SMS to a particular recipient which appears to send successfully yet ends up going to someone else. Viewing the corresponding SMS thread for the original recipient shows the phone number of the incorrect recipient. There are some theories in the bug report including comment fifteen and nineteen which get into the guts of the code that may manifest this particular issue.
What is more concerning is that this problem is not tied to particular handset manufacturers or even handsets with Google’s flagship handsets (the Nexus One and Nexus S with the latter running Android 2.3 – AKA Gingerbread). Certainly, for corporate users, this could raise questions regarding information security where company secrets could be inadvertently leaked via SMS (although one would hope that company policies would prohibit the transmission of such information over insecure links). On the personal front, people may send messages intended for loved ones which end up going to work colleagues or other social acquaintances potentially leaving users embarassed.
Finally, the bug has been assigned a medium priority (which appears to be the default allocated for new bugs) whilst other bugs such as no alarm clock sound or vibration being assigned high priority and Bluetooth connectivity problems under Android 1.5 & 1.6 being assigned a critical priority. The priority can only be altered by Google’s Android developers which leads me to believe that there is little standardisation as to how these priorities should be applied to bugs.
Looks like Google has a couple of things to tighten up from the get go in 2011.
January 1, 2011 at 20:40
