Security experts unearth unpleasant flaws in webOS

Chris Ziegler
C. Ziegler|11.26.10

Sponsored Links

Security experts unearth unpleasant flaws in webOS
Researchers from security firm SecTheory have described a handful of flaws in webOS, saying that the platform -- by its very nature -- is more prone to these sorts of things than its major competitors because Palm puts web technologies like JavaScript closer to webOS' core where system functions are readily accessible. At least one of the flaws, involving a data field in the Contacts app that can be exploited to run arbitrary code, has already been fixed in webOS 2.0 -- but the others are apparently still open, including a cross-site scripting problem, some sort of floating-point overflow issue, and a denial-of-service vector. We imagine Palm will get these all patched up sooner or later, but as SecTheory's guys point out, how long is it until mobile malware becomes a PC-sized problem?
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Popular on Engadget