A flaw in Android’s GUI framework let university researchers hack into applications with up to 92 percent success. They tested apps from Gmail, H&R Block, Newegg, WebMD, Chase Bank, Hotels.com and Amazon. “Changes in the shared memory side channel allow an attacker to infer if there is an activity transition going on in the foreground,” said researcher Zhiyun Qian, an assistant professor at the University of California at Riverside. “This is a design choice by modern OSes … . The same attack may work as well [on other mobile OSes],” he added.