ISE has not released full details about this issue and are working with Google to resolve the issue. It looks like the impact of this vulnerability is limited to running any code with the privileges of the web browser application and information that it has access to. So a web site would have to trick the user into entering confidential information or cookies and cache from the browser sessions.

What concerns me is the speed at which this has been found. It makes me wonder if there are many more just waiting to be found. There will always be bugs and issues when it comes to software development, but this exploit doesn’t seem to be overly complicated and should have been caught before the release.

Ultimately, this will be a good test of the over-the-air update feature of Android.

You can read more information regarding this exploit on the ISE web site.

An application kill switch isn’t a bad thing, in and of itself. I spend a lot of time helping people manage their fleet of mobile devices, and one of the features that people are looking for is the ability to remotely kill and block applications on the device. Why? Simple, if the company pays for the device, they ma y not want you spending all day in some Facebook application, or installing Google Maps. As a company device, it’s their choice. As a consumer device, is it really Google’s place to prevent you from running an application on the device?

The article over at ComputerWorld indicates that Google “may discover a product that violates the developer distribution agreement” and based on that, they “retain the right to remotely remove those applications from your device at its sole discretion”. This worries me. It’s one thing for a company to control the devices they provide to their employees. It’s something entirely different for a software company to tell me what programs I can and cannot install on my phone. I realize that this could be used for good, for example – a virus, trojan, or what have you. But it can also be used for not so nice things, like forcing third party developers to only distribute their applications using your application store, or preventing applications from developers that don’t meet your guidelines. There’s so many questionable circumstances where this could be used.

I guess it’s a matter of time before we know exactly how it will be used by Google. But I’m pretty concerned and cautious about this move by Google.

I haven’t had a chance to get my hands on one of these as of yet. I am hoping that will change in the not too distant future. I’m concerned about the “chin” when the device is open with the keyboard exposed. I’m not sure how comfortable this may be to type on. The size, as you can see from the attached image (courtesy of Matt’s extensive image gallery), is a little longer than the iPhone. But nothing that’s too drastic. It should fit nicely into most pockets.

Does Google have a hit on their hands? Take a read of Matt’s review and let us know your thoughts.