[gomyr]

I just bought a Samsung Fascinate 3G phone with the android 2.2 OS on the Verizon network. Aside from downloading infected apps, opening an infected email or some other action initiated by the user, is it possible for someone OTHER than the user to cause a phone to be infected by direct means? The scenario I am considering is someone sitting in a cafe or other busy location and somehow using their own phone or computer to seek out other devices nearby and either infect them or infiltrate them for the purpose of gaining people's personal and confidential information. Does anyone know if this is currently possible/feasible, if so is it being done, and is there any known way to protect against it?

I routinely keep my phone's bluetooth, wifi, and 2 out of the 3 default location identification applications off for this very reason.

Is this being prudent or parnoid?

Thanks in advance for your replies.

Gomyr

[Arranf]

No you're not being paranoid. just as vulnerable on your phone. While this sort of exploit is mostly theoretical there have been genuine security flaws that could, and have, posed a security risk such as the .pdf exploit on the iOS.

It's worth noting that the majority (if not all?) of 'android exploits', relating to the OS itself, are only proof-of-concept and that malicious apps and browser exploits should be your only real concern.