The news that Google would not solve a problem that affects several versions of Android prior to 4.4, let users a clear idea that these versions had been completely abandoned.
He had not emerged until now one Google’s position on this issue, but a Adrian publication Ludwig on Google Plus has clearly show the reasons for this position.
The problem at issue affects older versions of Android and allows any attacker can exploit a vulnerability in the web view, leaving thousands of Android users at risk.
In concrete WebView component of Android, which allows programmers to provide access to web content without having to be to open a browser, no longer has support for older versions or equal to Android 4.3 for the Google decision.
Google’s idea on this issue is very clear and the decision is irrevocable. According to Adrian Ludwig fix this problem is possible, but the addition of new code would create complex situations for the development of Android, by several other developers are to also add your code.
The chaos that would result adding new code to these versions, and that would solve the security problems that exist, would eventually create other problems and other potentially unsafe situations, which would be even more complex and harmful to all.
But Google, while not addressing the situation directly with the introduction of the solution directly on the Android code has some solutions to limit the problem
Google’s recommendation involves the use by the users of alternative browsers to accompanying versions of Android that have the problem with the WebView.
In its proposal the Google asks users use browser where the problem does not manifest itself, like Chrome or Firefox for Android. These browsers are supported by version 4.0 in the case of Chrome or by version 2.3 in the case of Firefox.
There is also the recommendation for developers to use their own versions of WebView, trouble-free or limit access to known and are trusted sites.
These recommendations are important and sufficient facts to solve the problem. The problem is even in users with less technical information that probably did not even know of the existence of the problem or who are exposed to it.
While not offering a solution to the problem, it is now known the official position of Google and why not implemented the solution to this serious security problem
.
-> ->
<-
<-
Filed in category:
->
No comments:
Post a Comment