Android fake ID security flaw
Bluebox Security releases a report that shows that Android’s application ID system does not properly check to make sure application IDs are legitimate. This makes it so that, for instance, a fake Google Wallet application could be created to steal people’s money:
Every Android application has its own unique identity, typically inherited from the corporate developer’s identity. The Bluebox Security research team, Bluebox Labs, recently discovered a new vulnerability in Android, which allows these identities to be copied and used for nefarious purposes.