Hi Dianne Hackborn, Yes, in Android phones if an installed IME is chosen there is a security prompt displaying "The input method may be able to collect all the text you type,....."
I guess then it is up to user to look at the permissions during installation and be sure of what he/she is installing. Regards, Perumal On Jan 5, 12:23 pm, Dianne Hackborn <[email protected]> wrote: > On Tue, Jan 4, 2011 at 8:02 PM, perumal316 <[email protected]> wrote: > > Ok. Meaning those custom keyboards available for installation to > > Android can be potentially malicious? > > Well everything in the world can potentially be malicious. You'll need to > specify more fine-grained what you mean. If you mean that an IME you > install, enable, and select, which also has a way to get internet access > (such as through the internet permission), can log everything you are typing > and upload it to the internet... then sure. That's explicitly what it is > allowed to do. > > -- > Dianne Hackborn > Android framework engineer > [email protected] > > Note: please don't send private questions to me, as I don't have time to > provide private support, and so won't reply to such e-mails. All such > questions should be posted on public forums, where I and others can see and > answer them. -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
