Tweaks made to Android OS are causing massive security holes
//
6:01 am Tue
Aug 14, 2018
googletag.cmd.push(function() googletag.display('div-gpt-ad-1532473794430-0'););
Tweaks made to Android OS are causing massive security holes
Last month, I used up a good chunk of text talking about how much I’ve come to enjoy using Android-powered smartphones. Unfortunately, a story I ran across over at Wired has convinced me that, at least for the time being, spending significantly more time with my iPhone 6 Plus might be a good idea.
According to the report, for many Android users, it’s not necessary to download an altered .APK file from a shady torrenting website or click an email link that’ll fill your handset up with malware in order to compromise your smartphone’s security. Twenty-five different Android smartphone models, made by well-known manufacturers and available across North America, have been found to be full of security flaws and other exploitable nightmares baked into them. The most frustrating part of it all: none of the exploits detailed in the story would be there if the manufacturers had their shit together
From Wired:
The potential outcomes of the vulnerabilities range in severity, from being able to lock someone out of their device to gaining surreptitious access to its microphone and other functions. They all share one common trait, though: They didn’t have to be there.
Instead, they’re a byproduct of an open Android operating system that lets third-party companies modify code to their own liking. There’s nothing inherently wrong with that; it allows for differentiation, which gives people more choice. Google will release a vanilla version of Android Pie this fall, but it’ll eventually come in all kinds of flavors.
Those modifications lead to headaches, though, including the well-established problem of delays in shipping security updates. They can also, as Stavrou and his team have uncovered, result in firmware bugs that put users at risk.
To be clear, according to the security researchers at Kryptowire who went hunting for the vulnerabilities, none of the security issues found were the result of shitty coding on the part of Android’s development team. If you’re looking for a place to point an accusing finger, aim it toward the crackerjack software devs working for Android smartphone manufacturers like Asus, LG and ZTE. Their meddling with Google’s code to give their company’s handsets their own special flavor are where the security headaches begin and end.
Image via Pixabay
<!--
Seamus
Seamus Bellamy is a full-time hobo that writes about technology, travel and dark, delightful things while crisscrossing the globe with his partner and their pup, Boudica.
Go ahead, follow him on Twitter at @SeamusBellamy
-->
Augmented reality software shows where pipes and other underground structures are
Geographic information systems used to be 2-D maps, but new AR technologies are letting users see where pipes and other underground infrastructure is through augmented reality . Brief video showcasing a few features of the vGIS Utilities system (http://www.vgis.io/). vGIS Utilities is the most advanced augmented reality solution for GIS designed specifically with utilities, municipalities […]
READ THE REST
Watch how far green screen technology has come
BBC got to be the first to tour Intel Studios, a state of the art greenscreen facility, with no suits, no motion capture, just a live performance captured in a green dome by hundreds of cameras.
READ THE REST
Video explainer on universal quantum computers
Universal quantum computers have the potential for exponentially faster processing speeds. Seeker looks at where things stand in the race to build the first one.
READ THE REST
Why NordVPN is a better choice for private browsing
Data is worth more than gold these days, which is why companies, hackers, and governments alike are all eager to scoop up the browsing information of everyday users. For those of us not keen on disclosing our online movements, VPNs are a must-have, but many are not quite what they seem, offering lackluster encryption and […]
READ THE REST
How to Start a Profitable Podcast According to the Pros
With little more than a microphone and a bright idea, just about anyone can start their own podcast, but only a handful ever make it to “Serial”-level success. Featuring insight from a host of podcasting experts, the How To Start A Podcast Bundle Feat. John Lee Dumas breaks down the anatomy of a successful podcast, and […]
READ THE REST
Explore the world with a live feed from this easy-to-pilot drone
Drones are undeniably cool, but not all of us have the Top Gun-level piloting skills required to fly them—unless you’re using TRNDlabs’ new Spectre Drone. Designed new and expert pilots alike, this drone is loaded with fly assist features to make piloting easy, all the while you explore using its built-in HD camera. It’s available in the […]
READ THE REST
//
6:01 am Tue
Aug 14, 2018
googletag.cmd.push(function() googletag.display('div-gpt-ad-1532473794430-0'););
Tweaks made to Android OS are causing massive security holes
See all deals
Last month, I used up a good chunk of text talking about how much I’ve come to enjoy using Android-powered smartphones. Unfortunately, a story I ran across over at Wired has convinced me that, at least for the time being, spending significantly more time with my iPhone 6 Plus might be a good idea.
According to the report, for many Android users, it’s not necessary to download an altered .APK file from a shady torrenting website or click an email link that’ll fill your handset up with malware in order to compromise your smartphone’s security. Twenty-five different Android smartphone models, made by well-known manufacturers and available across North America, have been found to be full of security flaws and other exploitable nightmares baked into them. The most frustrating part of it all: none of the exploits detailed in the story would be there if the manufacturers had their shit together
From Wired:
The potential outcomes of the vulnerabilities range in severity, from being able to lock someone out of their device to gaining surreptitious access to its microphone and other functions. They all share one common trait, though: They didn’t have to be there.
Instead, they’re a byproduct of an open Android operating system that lets third-party companies modify code to their own liking. There’s nothing inherently wrong with that; it allows for differentiation, which gives people more choice. Google will release a vanilla version of Android Pie this fall, but it’ll eventually come in all kinds of flavors.
Those modifications lead to headaches, though, including the well-established problem of delays in shipping security updates. They can also, as Stavrou and his team have uncovered, result in firmware bugs that put users at risk.
To be clear, according to the security researchers at Kryptowire who went hunting for the vulnerabilities, none of the security issues found were the result of shitty coding on the part of Android’s development team. If you’re looking for a place to point an accusing finger, aim it toward the crackerjack software devs working for Android smartphone manufacturers like Asus, LG and ZTE. Their meddling with Google’s code to give their company’s handsets their own special flavor are where the security headaches begin and end.
Image via Pixabay
<!--
Seamus
Seamus Bellamy is a full-time hobo that writes about technology, travel and dark, delightful things while crisscrossing the globe with his partner and their pup, Boudica.
Go ahead, follow him on Twitter at @SeamusBellamy
-->
Augmented reality software shows where pipes and other underground structures are
Geographic information systems used to be 2-D maps, but new AR technologies are letting users see where pipes and other underground infrastructure is through augmented reality . Brief video showcasing a few features of the vGIS Utilities system (http://www.vgis.io/). vGIS Utilities is the most advanced augmented reality solution for GIS designed specifically with utilities, municipalities […]
READ THE REST
Watch how far green screen technology has come
BBC got to be the first to tour Intel Studios, a state of the art greenscreen facility, with no suits, no motion capture, just a live performance captured in a green dome by hundreds of cameras.
READ THE REST
Video explainer on universal quantum computers
Universal quantum computers have the potential for exponentially faster processing speeds. Seeker looks at where things stand in the race to build the first one.
READ THE REST
Why NordVPN is a better choice for private browsing
Data is worth more than gold these days, which is why companies, hackers, and governments alike are all eager to scoop up the browsing information of everyday users. For those of us not keen on disclosing our online movements, VPNs are a must-have, but many are not quite what they seem, offering lackluster encryption and […]
READ THE REST
How to Start a Profitable Podcast According to the Pros
With little more than a microphone and a bright idea, just about anyone can start their own podcast, but only a handful ever make it to “Serial”-level success. Featuring insight from a host of podcasting experts, the How To Start A Podcast Bundle Feat. John Lee Dumas breaks down the anatomy of a successful podcast, and […]
READ THE REST
Explore the world with a live feed from this easy-to-pilot drone
Drones are undeniably cool, but not all of us have the Top Gun-level piloting skills required to fly them—unless you’re using TRNDlabs’ new Spectre Drone. Designed new and expert pilots alike, this drone is loaded with fly assist features to make piloting easy, all the while you explore using its built-in HD camera. It’s available in the […]
READ THE REST
Augmented reality software shows where pipes and other underground structures are
Geographic information systems used to be 2-D maps, but new AR technologies are letting users see where pipes and other underground infrastructure is through augmented reality . Brief video showcasing a few features of the vGIS Utilities system (http://www.vgis.io/). vGIS Utilities is the most advanced augmented reality solution for GIS designed specifically with utilities, municipalities […]
READ THE REST
Watch how far green screen technology has come
BBC got to be the first to tour Intel Studios, a state of the art greenscreen facility, with no suits, no motion capture, just a live performance captured in a green dome by hundreds of cameras.
READ THE REST
Video explainer on universal quantum computers
Universal quantum computers have the potential for exponentially faster processing speeds. Seeker looks at where things stand in the race to build the first one.
READ THE REST
Why NordVPN is a better choice for private browsing
Data is worth more than gold these days, which is why companies, hackers, and governments alike are all eager to scoop up the browsing information of everyday users. For those of us not keen on disclosing our online movements, VPNs are a must-have, but many are not quite what they seem, offering lackluster encryption and […]
READ THE REST
How to Start a Profitable Podcast According to the Pros
With little more than a microphone and a bright idea, just about anyone can start their own podcast, but only a handful ever make it to “Serial”-level success. Featuring insight from a host of podcasting experts, the How To Start A Podcast Bundle Feat. John Lee Dumas breaks down the anatomy of a successful podcast, and […]
READ THE REST
Explore the world with a live feed from this easy-to-pilot drone
Drones are undeniably cool, but not all of us have the Top Gun-level piloting skills required to fly them—unless you’re using TRNDlabs’ new Spectre Drone. Designed new and expert pilots alike, this drone is loaded with fly assist features to make piloting easy, all the while you explore using its built-in HD camera. It’s available in the […]
READ THE REST
Clash Royale CLAN TAG#URR8PPP
