Sunday, May 16, 2021

How Risky is Android Mobile OS Code?

How real are the Android mobile OS problems? “These could in theory potentially be exploitable,” said Andy Chou, Chief Scientist and co-founder of Coverity. “We don’t know. We are working with some security researchers to see if the flaws are actually exploitable.” Sean Michael Kerner reports.


Google’s Android mobile operating system may include a number of high-risk software flaws, according to a new report from static code analysis vendor Coverity.

Coverity detected 359 software defects in the Android Froyo kernel that is used in the HTC Droid Incredible smartphone. Of those defects, Coverity has identified 88 defects or about 25 percent of the total flaw count, as being high-risk and potentially leading to security risk for Android users.

According to Coverity, the defect density in Android isn’t actually all that bad compared to other codebases that they’ve scanned. Coverity is a commercial code analysis vendor and has also been running the Coverity Scan effort since 2006, analyzing open source code for software defects.

“We found that the Android kernel had about half the defect density that you would expect, compared to other industry average codebases of the same size,” Andy Chou, Chief Scientist and co-founder of Coverity told InternetNews.com.”What that means is that a defect density of one defect per approximately one thousand lines of code is industry average, according to our measurements – for the Android kernel, the defect density was about 0.47.”

Read the rest at eSecurity Planet.

Similar articles

Latest Articles

How IBM has Changed...

Think is IBM’s big annual conference, and again this year, it was digital. I’m noticing a sharp quality difference in shows like this where...

Database-Tuning Platform Launches and...

PITTSBURGH — A team out of Carnegie Mellon University is launching its automatic database-tuning product today with the help of $2.5 million in funding.   OtterTune,...

Top 10 Professional Services...

Professional services automation (PSA) software aims to offer service-based companies most of the software they will need to run their businesses in one package....

What is Data Aggregation?

Data aggregation is the process where raw data is gathered and presented in a summarized format for statistical analysis. The data may be gathered...