Related Links

Top 5 Stories


Motorola's next-generation Android handset security is hackable

18 October 2010

Smartphone handset vendor Motorola, which has recently joined the Google Android mobile alliance, has reportedly been rocked by reports that its latest Droid 2 handset has a potentially major security flaw.

The Droid 2 – which is also likely to be released in the UK early next year – is the successor to the Motorola Milestone, aka Droid in the UK, which has been available on the O2 and T-Mobile networks.

The security flaw on the Droid 2 reportedly centres on Google Voice actions, which can be triggered even when the handset is locked and password security activated.

Google Voice is a Google telephony service that gives US users a single personal number and then allows call screening, forwarding and other advanced functions, including automated callbacks triggered across the internet.

There are plans, Infosecurity notes, to launch Google Voice in the UK very shortly.

According to a weekend report on the Softpedia newswire, even in a locked state, when the 'search' softkey – or the keyboard-key –- is pressed for four seconds, Google's 'voice actions' facility is triggered.

"What's more interesting is that the handset won't inform the user in any way that the said option has been enabled", says the newswire.

The problem with this security flaw is that, once activated, the feature then allows chargeable calls to be made using the spoken word, rather than a keyboard interface.

A similar issue, says Softpedia, was spotted on the original Droid/Milestone handset at the start of the year, but was resolved with an over-the-air software update.

"At that time, the handset's pattern lock screen, which was supposed to be active when call was in progress, for example, could have been bypassed through simply hitting the Back button when in a call, a move that would have offered full access to the applications and menus of the device", says the newswire.

Motorola has yet to respond to the reports, but forum postings over the weekend suggest that the handset vendor will soon be aware of the issue, hopefully before US carrier Verizon starts shipping the mobiles later this month.


This article is featured in:
Wireless and Mobile Security


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×