A bug has compromised the security of the Android Browser app, allowing foreign sites to inject malicious JavaScript into other sites and steal passwords and personal information in the process.
The bug lets an attacker read cookies and password fields, extract a wealth of personal information, and easily interfere with other sites' content. Google said it is working on the problem, but when, or how, a fix will be made remains unclear. Any updates to the app, which comes bundled with older Android phones, must be delivered through operating system updates, so the fix's availability may be limited when it is first released.
The flaw was reported by researcher Rafay Baloch, but was initially ignored when Google couldn't recreate the problem and closed the report. In his blog post, Baloch describes how the bug bypassed the browser's Same Origin Policy (SOP), a measure that prevents sites from accessing other sites' information. After attempting to reproduce the problem again, Google witnessed the bug firsthand and decided to take action.
For now, Android users are better off using other web browsers, such as Chrome, Opera or Firefox. IGN will update this story with any new information.