Reply to post: AOSP bugs

Fragmented Android development creating greater security risks

chasil

AOSP bugs

"AOSP [Android Open Source Project] code has had the most eyes on it, from Google, the SOC partners, the OEMs, the community. It is quite reviewed."

No, it is most certainly not. Let's review the AOSP bugfest:

- Towelroot

- Stock browser same origin policy failure

- OpenSSL

It goes without saying that the use of OpenSSL *requires* the ability to patch.

How does 4.1 Jellybean do on the ssllabs.com browser scanner? I would think the score is an F - and if not, it's certainly not for lack of trying.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon