by beatle 5209 days ago
Meanwhile, critical Android security holes remain unpatched for more than 2 yrs.
1 comments

A real security hole, or one like "if someone watches you type your PIN code, they'll know your PIN code"?
Security holes that render the permissions system completely useless, since even a no-permissions app can end up doing anything.
Do you have an example?

The cases I've read about were of the form "app A asks app B to do something it can't via the Intent system". That sounds scary until you realize that a standard example of this is an app that can't access the network sharing something via email. In other words, app A has transferred control to app B and what the user does (or doesn't) decide to do with app B is their choice, not app A's.

Indeed. Delegation via intents makes things more secure as broken code can be patched in one place rather than in many. And, you get tighter control over what apps can do: if you never want an app to share something via Facebook, simply uninstall the app that provides the "share via Facebook" intent.
Interesting point. Sometimes I find myself wanting to keep the app, but drop the intent. Usually that is to shorten a list, but not always. I'd love to see low-level intent-blocking (as well as low-level, fine-grained permissions blocking, but that's a whole other story).