Comment by icebraining
12 years ago
What kind of security bug? The only thing the program should need is a secure place to store the tokens - which I expect is provided by Android, no? - and to read the time from the system. It shouldn't be exposed to anything else.
Some theoretical bug. It happens, even in simple stuff.
More likely would be e.g. a platform finally getting a halfway decent way to store secrets (which iOS got with the 3GS and even better with iOS 5/6/7), and which Android as a whole still lacks (specific manufacturers are adding it, like Samsung, but it's not a standard due to Google being insane). I don't see a zombie client rapidly adopting those new storage technologies.