> Of course, since Android now supports native code, hackers can attack the kernel API. I kind of hate to admit this, but that API might be one of the more vulnerable parts of the system at the moment.
I think the image display libraries and the web browser are still prime attack targets (written in C, note!). Think of an MMS message, spam email, or webpage that takes control of your phone. And of course emails or MMSes itself to all your contacts to continue propagation.