A team of security experts have found a vulnerability in the G1’s browser. They’re remaining vague, but it sounds like they’ve mainly discovered some code to exploit that has to be visited voluntarily by the user. Google is acting annoyed that the team didn’t come to them first, but first of all they’re just lucky it wasn’t someone malicious who found it, and second of all the team was just doing what it thought was best for consumers by publicizing it.
Google has already fixed its distribution version of Android, but until T-Mobile pushes out an update people are still technically at risk. But if you’re going and visiting random links from emails all the time, maybe you deserve to have a keylogger secretly installed on your Googlephone.
Update: T-Mobile is working on it. They say: “Google is working on a browser software patch for Android. We are coordinating with Google on a plan to soon deliver this update over-the-air to customers’ G1 devices. For people currently using the phone, we do not believe this matter will negatively impact their experience with the device.” Well then! Nice work by all parties involved.