Android Gingerbread SDK Closes TapJacking Vulnerability
The next version of Android, Gingerbread, has a bunch of new features, but one important change is a fix to a security issue known as "TapJacking."
"TapJacking occurs," Android Police's Stephen Tenerowicz explained, "when a malicious application displays a fake user interface that you can interact with, but actually secretly passes interaction events, such as finger taps, to a hidden user interface behind it. Using this technique, a devious developer could potentially trick a user into making purchases, clicking on ads, installing applications, or even wiping all of the data from the phone."
The new security features require developers to explicitly set them up to protect users, Tenerowicz said.