Advanced Micro Devices (NASDAQ:AMD) Lowered to "Strong Sell" at BidaskClub
May 2018 Free Games for PlayStation Plus and Xbox Live Gold
Sensex down with 115 points closes at 34501, Nifty at 10570
AG Jeff Sessions declines to comment on recusal on Trump lawyer Cohen
Bengal Panchayat polls: Sporadic violations as fresh nominations filed
Your Android Smartphone Maker Is Lying About Missed Security Updates
13 April 2018, 03:17 | Brandon Parsons
Report: Some Android phones are given credit for security patch updates they never received
An undisclosed list of Androidphone makers have been actively deceiving customers about their devices' security against malware and hacking vulnerabilities, according to Wired, which spoke with researchers at the Security Research Lab (SRL) based in Germany.
When presented with SRL's findings, Google noted that some of the devices analysed were not Android certified devices, meaning they are not held to Google's standards of security, and also mentioned that modern Android phones usually have security features that make them hard to hack, even when they have unpatched security vulnerabilities. "We find that there's a gap between patching claims and the actual patches installed on a device". Outside of the Google Pixel and Google Pixel 2, the tests revealed that even high-end flagship models made by the top manufacturers had Androidsecurity patch updates skipped over, even if the update was credited on the phone.
But for the Note 8, the SnoopSnitch identified several patches that were after the claimed patch level.
Some devices even lied to their users about being updated to the latest versions of software and firmware available, meaning users could have been left at risk of attack. The researchers looked into 1,200 handsets from companies like Samsung, Sony, Google, Huawei, Motorola, LG, HTC, and more and discovered that there is usually a "patch gap" between what the mobiles say have been updated and what patches have been installed.
Scott Roberts, Android's product security lead also noted that security patches are only one level of protection built into Android devices.
"Now that monthly patches are an accepted baseline for many phones, it's time to ask for each monthly update to cover all relevant patches".
Conversely, SRL also found that Samsung's mid-range J5 device contained all the advertised security patches. On many occasions, it was found that the OEMs were hiding as many as a dozen missed patches.
Here are some simple steps using which you can check the status of security patches received by the smartphone. At times it was found that vendors didn't even install a single patch, but only changed the date of the update by forwarding it by several months. The vendor has to primarily depend on the chipmaker to offer a security patch and not the OS. Other handset makers have to examine each update and, if necessary, tailor them to fit each of their own devices. "That's deliberate deception, and it's not very common", SRL founder Karsten Nohl told Wired.
Bringing up the rear were ZTE and TCL, whose phones had an average of more than four missed Android security practices.
In a statement provided to TechCrunch, Google pointed to the importance of various different means used to secure the Android ecosystem. The company tried to do some damage control by listing its mechanisms like Google Play Protect which are being developed to ensure an extra security layer.
Coutinho could receive Champions League winner's medal
However, it means that if Liverpool do win the competition, Coutinho would be entitled to his own winners medal. I have that in my house in a cabinet but I say wherever I go I've only two European Cup winners' medals.
OPCW to release statement on spy poisoning
Russia lost a vote at the OPCW earlier this month to have a joint UK-Russian investigation into the Salisbury attack. Britain's Foreign Office said Wednesday that Yulia Skripal declined to speak to Russian officials.
'Newton' wins Best Hindi Film at 65th National Awards
With late Sridevi winning the National Award for the Best Actor (Female ) category, her fans have on Friday got emotional. Sridevi was one of the most decorated actors of all time with numerous awards and recognitions attached to her name.
Trump planning to pardon Scooter Libby
Libby was embroiled in an investigation into who leaked Central Intelligence Agency operative Valerie Plame's identity. Bush would later commute Libby's sentence, but did not pardon him.
PTI MNA quits party, joins PML-N
He urged to mainstream FATA by introducing local government system and devolve power to local people. He also predicted Shehbaz Sharif would be the next prime minister of Pakistan.