Android Phone Makers Caught Fibbing About Security Patches

Android phone makers are allegedly lying about missed security patches

Android phone makers are allegedly lying about missed security patches

Researchers Karsten Nohl and Jakob Lell from Security Research Labs have spent the past two years reverse-engineering hundreds of Android devices in order to check if devices are really secure against the threats that they claim they are secure against.

Manufacturers tell users that phones are patched up to a certain month, the researchers said, but some months have been skipped, leaving security holes that can be exploited by hackers or Android malware. SRL notes that the chips the phones used could be part of the problem. You go out of your way to keep your data safe, protecting your handset with a strong passcode, paying close attention to the permissions you grant apps, and making sure that your phone is always running the latest security updates available to it.

It would be one thing if companies were outright telling us that an update contained X out of Y recent fixes (and better still if they briefly mentioned the reasons for skipping the others), but with the way things have been operating so far, users could easily have the impression that their phones are more patched than they actually are. "Sometimes these guys just change the date without installing any patches". The phones all claim to have received at least one security update since October 2017. And if a company making those chips isn't keeping up with patches, it becomes quite hard for the manufacturers of the phones running them to fully secure their devices. SRL Labs is going to release an update to its Android app SnoopSnitch that will let users check their phone's code for the actual state of its security updates, but it is unlikely that users will manually check for patches.

Trump warns Russia, Syria that missiles 'will be coming' in tweet
Russian Federation was joined by Bolivia in voting "no" at the Security Council in NY on Tuesday afternoon, while China abstained. Iran is one of Syria's strongest backers and has sent thousands of troops and allied militiamen to support Syrian forces.

Nohl and Lell plan to present their findings at the Hack in the Box security conference in Amsterdam tomorrow, and post their full paper online after their presentation.

This OnePlus phone seems to be in decent, if outdated, security shape. In other words, some device makers have been claiming that their phones meet a certain security patch level when in reality their software is missing required security patches. Other handset makers have to examine each update and, if necessary, tailor them to fit each of their own devices. For example, Samsung's 2016 J5 accurately reported what was and wasn't installed, but its 2016 J3 said all patches were up to date when 12 weren't actually installed.

Or so you'd think.

Be careful Before to Invest in Stock: Exxon Mobil Corporation (XOM)
P/E is a popular valuation ratio of a company's current share price compared to its per-share earnings (trailing twelve months). It is positive, as 64 investors sold TWX shares while 363 reduced holdings. 73 funds opened positions while 195 raised stakes.

Xiaomi, Nokia, HTC, Motorola and LG all made the list, as well, while TCL and ZTE fared the worst in the study, with, on average, not having installed more than four of the patches they claimed to have installed on a given device. It appears Motorola may not be living up to its promises. On some phones, the patch gaps numbered in the dozens.

Bringing up the rear were ZTE and TCL, whose phones had an average of more than four missed Android security practices.

Either way, does this make you want to get rid of your BlackBerry phones in exchange for a Samsung?

Fortnite gets a pop-up fort with the new Port-a
The release date is not yet revealed but we can probably expect the update with the Port-a-Fort to hit before the end of the week. As the Port-a-Fort is now being teased in-game, we'd assumed it will be released this week, possibly alongside Week 8 Challenges.

Latest News