Soon after the release of the T-Mobile G1 mobile phone, a security expert formerly of the National Security Agency told Google about a flaw he found with the operating system that might leave users vulnerable to misdirection that would land them on a dangerous website.
The expert's name is Charles A. Miller, and despite his publicizing of the security breach, some pundits are criticizing Google for not doing enough to keep their customers aware of what's right – and wrong – with Android.
Tech writer Stephen Shankland has been testing Android on T-Mobile's G1 phone since its release, and he noted that Google has already sent out two security updates for the OS. The trouble is, Google wouldn't say what those updates were for – at first.
"Only after much pestering and more than a week of waiting did I find out from Google what was in those two Android patches," he said. "And T-Mobile has been pretty quiet, too. (I'm waiting for comment from the company about its choices."
Shankland did some detective work by "snooping around" various support forums and other help utilities offered by the two companies. In his search, he noted that some company officials blithely ignored questions from customers.
Finally, he stumbled upon the Android Security Announcements Google Group, though unfortunately, he didn't find much there, either.
"The only note is an Aug. 18 introductory note with this advice: 'If you would like to receive security patch announcements for Android, please join the android-security-announce Google Group,'" Shankman said.