April 26, 2018

Some Android Smartphone Manufacturers Hiding Missed Security Updates

13 April 2018, 10:07 | Brandon Parsons



But hacking an Android device is harder than it seems, as Android phones come with a broader set of security measures like address space layout randomization and sandboxing. The results are startling-the researchers found a significant "patch gap" between what many phones report as the security patch level and what vulnerabilities these phones are actually protected against. Like every other digital product, there are still some bugs plaguing the firmware but none of them are more bothersome than the issue that involves Google Assistant.

These are places in the code where updates should be but are not. Now, a study has discovered that manufacturers who claim swifter updates are actually lying to you, and missing out on delivering you the latest patches. The "patch gap" varies between device and manufacturer, but given Google's requirements as listed in the monthly security bulletins-it shouldn't exist at all.

For all the good of Android's open-source approach, one of the clear and consistent downsides is that the onus to issue software updates falls on the manufacturer. Out of the 1,200 phones tested by SRL, which included devices from Google, Samsung, HTC, Motorola and TCL, the firm found that even flagship devices from Samsung and Sony missed a patch. Xiaomi, OnePlus and Nokia missed around 1-3 patches.

Motorola was joined in the three-to-four-missed-patch purgatory by HTC, Huawei and LG.

Landry, Browns closing $75.5M deal
If finalized, Landry's contract will make him the fifth-highest paid receiver in football, ahead of names like A.J. The Browns have wasted no time in locking up one of their splashy offseason acquisitions to a long term deal.

In a statement provided to TechCrunch, Google pointed to the importance of various different means used to secure the Android ecosystem.

The researchers did find a correlation between skipped patches and chipsets, however. That could be due to the fact that some cheaper phones using less expensive chips are more likely to miss updates. Those with Samsung processors skipped over few patches while models using MediaTek chips missed nearly 10 patches, on average.

Google told Wired, "some of the devices SRL analyzed may not have been Android certified devices, meaning they're not held to Google's standards of security".

When it comes to the consumer, it gets hard to identify if their device has been actually receiving the security update or not. The company tried to do some damage control by listing its mechanisms like Google Play Protect which are being developed to ensure an extra security layer. "These layers of security-combined with the tremendous diversity of the Android ecosystem-contribute to the researchers' conclusions that remote exploitation of Android devices remains challenging". It further argued that modern Android phones come with security features that make them hard to hack even when they do have unpatched security vulnerabilities. The researchers agree with this assertion. Other handset makers have to examine each update and, if necessary, tailor them to fit each of their own devices. "Defense in depth means install all the patches".

Other News

Trending Now

Priyanka Gandhi miffed after being pushed at India Gate
Rahul's sister Priyanka , her husband Robert Vadra and their kids also joined the crowd, demanding justice to the rape victims. Thousands are present here including the common people and people from all parties.

Oklahoma teachers shift from marching to running for office
Ralston is among at least a dozen teachers, a lot of them first-time candidates, who are taking heed. And when they would vote on education measures, or even try to bring them up, they were voted down.

Trump says he backs 'cooperative' approach to Russian Federation probe
Dick Durbin of IL tried for a committee vote on a resolution expressing the panel's support for both Mueller and Rosenstein. The president is taking the advice seriously and is openly considering the move, sources told ABC News.

Trump, aides ponder Syria response; Mattis cites risks
He also questioned why his administration hadn't received more gratitude for dealing with the Islamic State militant group (ISIS). Trump is slated to speak with French President Emmanuel Macron and British Prime Minister Theresa May Thursday evening.

Argentinian officers claim mice ate 540kg of missing marijuana
The missing stash was then noticed by his successor, commissioner Emilio Portero , who informed internal affairs. According to the report, the policemen claimed that " mice have eaten" the enormous portion of the drug.

Amazon Com INC (AMZN) Shareholder Northern Trust Corp Decreased Stake
The median estimate represents a +1.62% increase from the last price of 72.82. $3.42 million worth of, Inc. Therefore 97% are positive. (NASDAQ: AMZN ) has 74 ratings reports on April 12, 2018 according to StockzIntelligence.

Getting into Hawaii's national parks will soon cost you more
The cost of a seven-day vehicle pass at Yosemite National Park will increase from $30 to $35, starting June 1. That was roughly 89,000 shy of the all-time record of just under 331 million visitors set the previous year.

Tiger Woods: Will play in US Open
It was at Torrey Pines in 2008 that Woods defeated Rocco Mediate in 19 playoff holes for that last major title to date. Open tournaments at the iconic venue, withdrawing in 1995 as an amateur and finishing 17th in 2004.

James McAvoy and Bill Hader in Talks for IT Chapter 2!
The sequel to the Stephen King movie It is on the way, and now we've learned two more actors who may be a part of it. The lone female member of the club, Beverly ends up in an abusive marriage as an adult.

Trades Alert! NFL Mock Draft Top 5 Picks(The Patriots Pick First)
Darren Rovell of ESPN previewed the teams with the top-five picks in the 2018 NFL Draft on Twitter , all of which are ugly. It will be very interesting to see who makes the right decisions in the draft and who acquires the players they need.