I mentioned this several months ago, both here and at XDA, but got little to no feedback. Now I feel action must be taken!
For those who aren't aware of it, there is a major flaw in Android involving downloads. Unlike on your computer that asks you if you want to download something before it starts the download, Android will simply begin a download in the background without any user approval.
Now there are people taking advantage of this vulnerability using what's called the Not-Compatible drive-by download. You visit an infected webpage with your Android phone, and it starts a download and installs software without your knowledge or approval. This can take over your phone entirely, causing it to send SMS to premium numbers resulting in charges, or stealing your personal info and even passwords, or even initiating a call to a premium phone number resulting in charges.
I asked for anyone interested in helping develop a safeguard in the past to post or PM me. I am now asking again. I would like to have an interstitial dialog added anytime a download is started, allowing the user to decide if it should proceed. This is the standard in the computer industry on almost every OS, and IMHO it should be standard on Android.
I will be working on this for the next couple of weeks, attempting to find the most unobtrusive means to ensure user safety without hindering the user experience. If you are interested in helping fix this huge security hole in Android, please let me know!
For those who aren't aware of it, there is a major flaw in Android involving downloads. Unlike on your computer that asks you if you want to download something before it starts the download, Android will simply begin a download in the background without any user approval.
Now there are people taking advantage of this vulnerability using what's called the Not-Compatible drive-by download. You visit an infected webpage with your Android phone, and it starts a download and installs software without your knowledge or approval. This can take over your phone entirely, causing it to send SMS to premium numbers resulting in charges, or stealing your personal info and even passwords, or even initiating a call to a premium phone number resulting in charges.
I asked for anyone interested in helping develop a safeguard in the past to post or PM me. I am now asking again. I would like to have an interstitial dialog added anytime a download is started, allowing the user to decide if it should proceed. This is the standard in the computer industry on almost every OS, and IMHO it should be standard on Android.
I will be working on this for the next couple of weeks, attempting to find the most unobtrusive means to ensure user safety without hindering the user experience. If you are interested in helping fix this huge security hole in Android, please let me know!