The CoolIris Android gallery, the stock gallery app used in many devices running Android 2.1 – 2.3, has been found to store unencrypted copies of complete addresses that could theoretically be accessed and transmitted by a malicious app with no system permissions. The issue came to light when we started investigating a security issue in Android found by Paul Brodeur from Leviathan Security Group. Brodeur created an app named No Permissions which highlights flaws in Android’s permission system that would allow an app to access your data. [The Verge]
And again, even if ICS (Android 4.0) could fix this, it doesn’t matter because only a fraction of handsets have it or could be updated to it
