Are hardware makers doing enough to keep Android phones secure?

Glowing Gmail icon

Glowing Gmail icon

Security Research Labs stressed that exploiting Android handsets is still hard, but as hackers become incentivised to target smartphones, ensuring devices are kept current with patches is important.

It would be one thing if companies were outright telling us that an update contained X out of Y recent fixes (and better still if they briefly mentioned the reasons for skipping the others), but with the way things have been operating so far, users could easily have the impression that their phones are more patched than they actually are.

It can get worse that that, Nohl told Wired's Andy Greenberg. It was discovered that the smartphones tested have missed or lacked the security patch which the company claims that they have rolled out.

"Sometimes these guys just change the date without installing any patches", Nohl was quoted as saying. "These layers of security-combined with the tremendous diversity of the Android ecosystem-contribute to the researchers' conclusions that remote exploitation of Android devices remains challenging". If you are interested in seeing what patches your device is missing, the team at SRL labs has created an Android application that analyzes your phone's firmware for installed and missing security patches. In some cases, these chipsets were found to include bugs and as a result, vendors had to rely on chipset makers to roll out patches before implementing OS software updates.

Most smartphone manufacturers including the likes of players like Samsung and Xiaomi are unable to push out the latest Android updates. Other handset makers have to examine each update and, if necessary, tailor them to fit each of their own devices.

The researchers noted that the SoCs that the smartphones use may be the cause of the issue.

Or so you'd think. SRL says that it had tested the firmware on around 1,200 Android phones, looking for whether or not patches had been applied, which led to it finding devices that had changed the dates forward without actually adding the patches in. It appears Motorola may not be living up to its promises.

Missing an update or two may not end up in a device hack, but with a series of patches missing can cause some serious problems with the security of the device.

Nohl and researcher Jakob Lell found that companies like Sony and Samsung missed a few patches on average, but HTC, Huawei, LG, and Motorola had between three and four skipped patches.

Bringing up the rear were ZTE and TCL, whose phones had an average of more than four missed Android security practices.

But hacking an Android device is harder than it seems, as Android phones come with a broader set of security measures like address space layout randomization and sandboxing.

Recommended News

  • Red Flag Warning Issued For Several Eastern Ky. Counties

    Red Flag Warning Issued For Several Eastern Ky. Counties

    High winds and low humidity have resulted in a Red Flag warning for Northern Virginia, D.C. and neighboring areas through 8 p.m. These dry conditions remove moisture from vegetation, turning it into "fuel" that can burn quickly if ignited.
    National park fees raising to $35, not $70

    National park fees raising to $35, not $70

    The change resulted in an onslaught of requests for senior passes ahead of the implementation of the new price structure. He says making parks "more costly for American families" through entrance fees wouldn't have solved the problem alone.
    God of War review roundup: 3 things we learned

    God of War review roundup: 3 things we learned

    Echoes of Kratos' past, which he is reticent to discuss, haunt the warrior-turned-reluctant father, dogging his every step. There's no denying that 2160p resolution makes God of War look stunning, but the trade-off may not be worth it for some.
  • Murdoch, Seven Grab Cricket From Nine in A$1.18 Billion Deal

    Murdoch, Seven Grab Cricket From Nine in A$1.18 Billion Deal

    A partnership that enables us to further evolve our business model into a new future. AdNews will keep track of cricket rights develops as they unfold today.
    Evaluate Stock Worth of: Netflix, Inc. (NASDAQ:NFLX)

    Evaluate Stock Worth of: Netflix, Inc. (NASDAQ:NFLX)

    The Internet television network reported $0.41 earnings per share (EPS) for the quarter, hitting the consensus estimate of $0.41. The stock traders and corporate investors will also need to scrutinize both the fundamental and technical data vigilantly.
    Israel comes to standstill to remember Holocaust victims

    Israel comes to standstill to remember Holocaust victims

    Only 23 percent of Americans identified Auschwitz as an extermination camp, while 41 percent could not identify Auschwitz at all.
  • Tiger Woods officially commits to 2018 US Open

    Tiger Woods officially commits to 2018 US Open

    It was at Torrey Pines in 2008 that Woods defeated Rocco Mediate in 19 playoff holes for that last major title to date. Open champion, is amidst a comeback after nearly a year away from golf due to injury and then a fourth back surgery.
    David Humphreys releases statement on Greitens allegations

    David Humphreys releases statement on Greitens allegations

    So far Greitens has resisted calls to step down while members of his private celebration identify for it. Louis Circuit Attorney's Office said the video recording of the mistress' deposition was inaudible.
    For group of Tribe seniors, NFL Draft hopes abound

    For group of Tribe seniors, NFL Draft hopes abound

    In my previous mock draft , I had the Lions heavy on defense and waiting to select a running back until the fourth round. The Giants are moving to a 3-4 defense in 2018, and that means they need an edge rusher from the OLB position.
  • Khabib Nurmagomedov Wants Conor McGregor To Beg For A Title Shot

    Khabib Nurmagomedov Wants Conor McGregor To Beg For A Title Shot

    After a freak injury during media obligations, Ferguson pulled out and Max Holloway stepped in to take the fight and save the day. It's hard to judge who is in the wrong in this whole situation, but it hasn't shined the organisation in a positive light at all.
    Accusers confront Bill Cosby, and they aren't holding back

    Accusers confront Bill Cosby, and they aren't holding back

    She said she's never paid Allred, hasn't been paid by the lawyer and hasn't been involved litigation against Cosby. When she woke up the next morning, naked with something sticky between her legs, she said, "I apologized to Mr.
    Trump Clears Up Syria Missile Threat: 'Soon Or Not So Soon'

    Trump Clears Up Syria Missile Threat: 'Soon Or Not So Soon'

    Assad's victory in the seven-year civil war "will change the map of the region", and the "biggest loser" will be Israel, she said. British Prime Minister Theresa May has summoned her cabinet back from vacation to discuss possible military action against Syria.

We are pleased to provide this opportunity to share information, experiences and observations about what's in the news.
Some of the comments may be reprinted elsewhere in the site or in the newspaper.
Thank you for taking the time to offer your thoughts.