Android Gingerbread SDK Closes TapJacking Vulnerability

by Keith Vance

With all of the exciting new features coming in Android Gingerbread, a security fix in the SDK will help developers protect users from TapJacking.

The next version of Android, Gingerbread, has a bunch of new features, but one important change is a fix to a security issue known as "TapJacking."

"TapJacking occurs," Android Police's Stephen Tenerowicz explained, "when a malicious application displays a fake user interface that you can interact with, but actually secretly passes interaction events, such as finger taps, to a hidden user interface behind it. Using this technique, a devious developer could potentially trick a user into making purchases, clicking on ads, installing applications, or even wiping all of the data from the phone."

The new security features require developers to explicitly set them up to protect users, Tenerowicz said.

View Article

This article was originally published on Friday Dec 10th 2010
Mobile Site | Full Site