Researchers Catch Android OEMs Lying About Security Patches

15 April, 2018, 01:36 | Author: Bennie Parsons
  • Google might split Android security patches to deliver fast updates

Android mobile makers have been deceiving users about their smartphones' security against malware and hacking vulnerabilities. When Google creates new security updates each month, it trickles them down to device makers that get the ultimate say on how and when to update their phones.

Android and missing security patches: A report claim OEMS have been lying to users about which security patch update is installed on their phone.

Two well-known German researchers, Karsten Nohl and Jakob Lell of Berlin's Security Research Labs, plan to release a report today showing that many Android security updates are bogus.

In response to Google's statement, SRL's Karsten Nohl said that while it's unlikely that OEMs have gone as far as circumventing a patch to cover a vulnerability, he agrees that it most hackers will find it hard to hack an Android phone because of the OS's base security features like the randomization of file addresses and app sandboxing.

SRL found that of the major smartphone manufacturers, Google, Sony and Samsung performed the best, missing up to one patch, OnePlus and Nokia missed between one and three patches, HTC, Huawei, LG and Motorola missed three to four patches, while Chinese manufacturers TCL and ZTE missed more than four. Because of this, the fact that Google shared an Android wallpaper depicting a series of popsicles (see above) - which neatly meets both criteria - has led to the believe that Android Popsicle is due to be launched later this year. But keeping these devices secure requires regular patches. Overall, they identified a so-called "patch gap".


It is still a huge problem, as it makes it almost impossible for users to tell the level of security on a device.

Especially as we move to phones with screens that take up more and more of a handset's face, the idea of "buttons" for navigation - even virtual ones that slide away when we're not using them - is feeling increasingly like a holdover from a previous era. Some phone vendors did better than others.

The team has also released a few Android P wallpapers on their official Instagram account, as spotted by BGR, and they look as gorgeous as they have always been. For some features, the app needs to be run on rooted Android phones, but the security patch analysis will work on all phones using a Qualcomm chipset. Built-in platform protections, such as application sandboxing, and security services, such as Google Play Protect, are just as important.

Bringing up the rear were ZTE and TCL, whose phones had an average of more than four missed Android security practices.

Recommended:



Popular

Moscow court blocks use of Telegram messaging app
FSB's emphasis on getting access is because Telegram HS a terrorist problem due to the emphasis it places on user privacy . A request sent to the firm by the authorities to hand over the encryption keys by 4 of April was not honoured.

That Extra Glass of Wine Might Take 30 Minutes off Your Life
Drinking increases the risk of stroke , heart failure , high blood pressure and a rupture in the aorta. But the study found a striking linear relationship between alcohol intake and dying from any cause.

Storm system bringing ice, sleet, snow, rain, possible flooding to Mid-Michigan
Regardless, stay weather aware.and have a way of getting severe weather alerts Sunday night (because many of you may be sleeping). WIND ADVISORY for Saturday as winds could gust as high as 45 miles per hour with gusts up to 50 miles per hour along lakefront.

Mother was drunk when Hart family SUV plunged into ocean, police say
Her wife, Sarah Hart , had a significant amount of the ingredient in Benadryl in her system, as did two of the children, CHP said. The authorities were hunting for one additional few children: Hannah Devonte, 15; along with Sierra.

Severe Storms Possible in Iowa Friday, Winter Weather Returns Saturday
All of the latest forecast models agree with the best chance of rain and thunderstorms arriving well after sunset Sunday evening. The weather system that's moving in will have sizable impacts for those who are looking to travel now through the weekend.

Reportedly Gmail is testing confidential emails that expire automatically
The new features aim at improving e-mail privacy by limiting a message's access to the recipient for a specific period of time. The Verge notes, though, that recipients will still be able to take screenshots or photos of these confidential emails.

KIYC: Finding what information Facebook knows about you
Radio Sputnik discussed this issue with Vince Mitchell , Professor of Marketing at the University of Sydney Business School. Dingell expressed frustration with Zuckerberg's frequent promises to get back to lawmakers later in writing.

Taliban claim attack on Afghan government post, killing 18
Rahmani said the attackers planted mines to stop reinforcements from coming to help the government forces fend off the attack. Taliban said they have captured the district, a claim that was rejected by the local police officials, the TOLO News said.

YouTube Hack: Popular Music Videos Defaced
While the video for Despacito was removed, its cover image had shown a group of members wearing masks and pointing guns.

William Blair Set Outperform Rating for Netflix, Inc. (NFLX)
It is positive, as 12 investors sold WWE shares while 34 reduced holdings. 107 funds opened positions while 281 raised stakes. Note, this compares with a consensus analyst forecast of 0.65 in earnings per share for its next fiscal quarterly report.