A group of network security researchers found a security flaw in G1. The discovery was made within days after the phone's initial launch.
The flaw could be exploited by an attacker who might trick the user into visiting a Phishing website. It could be possible for a hacker to install malicious software that could capture keystrokes entered by the user. The keystrokes are recorded when the user is surfing other Web sites. This serious exploit could potentially make it possible for a hacker to steal identity information or passwords when the user signs into Web sites.
T-Mo and Google are working on the issue. So you can expect an OTA update soon.
Update : The flaw has been discovered by Charles A. Miller who had earlier found flaws in OS X, the MacBook Air, and iPhone. Google is not too happy with Miller going public with the flaw. Google executives said they believed that Miller had violated an unwritten code between companies and researchers that is intended to give companies time to fix problems before they are publicized.
[Source
NY Times]
Security flaw in G1
Linear Mode
