Some Android phone makers have lied about having fully update security patches

Some Android phone makers have lied about having fully update security patches

Researchers Karsten Nohl and Jakob Lell from Security Research Labs have spent the past two years reverse-engineering hundreds of Android devices in order to check if devices are really secure against the threats that they claim they are secure against.

Android smartphone users may be being left at risk of attack due to a lack of security protection - despite thinking they were properly protected. And as vendors chalk up security points for non-existent patches, end users are left with a false sense of security.

When it comes to the consumer, it gets hard to identify if their device has been actually receiving the security update or not.

In a recent report by a German security firm, it was found that several Android phones missed multiple security patches leaving these devices vulnerable to a broad collection of known hacking techniques. Most other major Android phone makers fall somewhere in between.

Google's Pixel devices are the only ones that contained every security patch that it advertised to its users. The researchers looked into 1,200 handsets from companies like Samsung, Sony, Google, Huawei, Motorola, LG, HTC, and more and discovered that there is usually a "patch gap" between what the mobiles say have been updated and what patches have been installed. For some features, the app needs to be run on rooted Android phones, but the security patch analysis will work on all phones using a Qualcomm chipset. Despite Google's constant effort most of the vendors tend to skip on the occasional security patch for their devices and a lot of them are specific to the mid-range devices. These OEMs have just been changing the date of the security patches on the device without actually installing the associated patches an have been misleading their users. "Since then, many device vendors have improved their patching frequency: Phones now receive monthly security updates".

More news: Bill Gates and Angelina Jolie Top the List Once Again

Conversely, SRL also found that Samsung's mid-range J5 device contained all the advertised security patches.

Here are some simple steps using which you can check the status of security patches received by the smartphone.

"We found several vendors that didn't install a single patch but changed the patch date forward by several months", Nohl told WIRED.

Google, Sony, Samsung, and Wiko were missing up to one patch, while Xiaomi, OnePlus and Nokia were missing between one and three. Google's phones seem to be safe, however, as the Pixel and Pixel 2 series did not misrepresent what security patches they had. SRL Labs is going to release an update to its Android app SnoopSnitch that will let users check their phone's code for the actual state of its security updates, but it is unlikely that users will manually check for patches. Android has a lot of manufacturers, and hardly any OEM can keep up with Google's pace of releasing security patches. Google says that some of the devices in the study may not have been Android certified devices, which means that Google's standards of security would not apply to them.

Related Articles

  • National awards are out, Sridevi wins best actress for 'Mom'

    National awards are out, Sridevi wins best actress for 'Mom'

    Parvathy won the Kerala State Film Award for Best Actress in 2018 for her performance in Take Off which released a year ago . Akshay is very happy for me", Ganesh Acharya, who won the best choreographer award for " Toilet: "Ek Prem Katha ", told PTI.
    NBC Nightly News' Lester Holt Speaks to Rapper Meek Mill from Prison

    NBC Nightly News' Lester Holt Speaks to Rapper Meek Mill from Prison

    Afterward, Wale reflected on his conversation with Meek, taking to Instagram to pen a heartfelt message of support . After the meeting, Kraft spoke with reporters, arguing for action concerning criminal justice reform .
    'Coutinho would be wrong to pick up Liverpool CL medal'

    'Coutinho would be wrong to pick up Liverpool CL medal'

    The German manager thought Liverpool had become too predictable because of Coutinho and gave the green signal for the transfer. Despite Barcelona exiting the competition, Coutinho could still get on his hands on a Champions League medal.
  • Amal Clooney Covers 'Vogue,' Reveals Her Twins' First Words

    Amal Clooney Covers 'Vogue,' Reveals Her Twins' First Words

    Celebrities these days bend over backward to let us know they're just like us! . As George remembers, "Some giraffes walked up to her".
    Broad City is coming to an end

    Broad City is coming to an end

    Until then lets all drown our sorrows by remembering the greatest gift/curse that this pearl of a show gave us. Young Professionals will follow young D.C. politicos, from a script by former Obama speechwriter David Litt.
    Bruins cruise to win in playoff opener

    Bruins cruise to win in playoff opener

    The best first-round matchup in the 2018 NHL Playoffs is a battle between the Boston Bruins and the Toronto Maple Leafs . As the puck fluttered in the air over the sprawled goalie, Kuraly came in trailing the play and knocked it into the net.
  • 'I'm Almost Dead,' He Told 911. 6 Hours Later, Body Was Found

    'I'm Almost Dead,' He Told 911. 6 Hours Later, Body Was Found

    Plush said several times he was "at Seven Hills", though the operator apparently did not hear clearly or understand what he meant. The caller said he could hear "loud bangs" and could see cars parked and people walking around, according to the police audio.
    Lynx Draft Former Gophers Star Carlie Wagner

    Lynx Draft Former Gophers Star Carlie Wagner

    Wagner finished her career as the third all-time leading scorer in Minnesota women's basketball history with 2,215 points. According to the university, her deal to become head coach allows her to continue to play for the Minnesota Lynx.
    Ring smart doorbells get big price cuts on Amazon Canada

    Ring smart doorbells get big price cuts on Amazon Canada

    Amazon's Cloud Cam is yet another product under the company's direction that is, in many ways, a competitor of Ring and Blink . Google's Nest division has similar cameras to Ring , and recently launched its own video doorbell and home security system.
  • President Trump weighing drug testing for food stamps

    President Trump weighing drug testing for food stamps

    Coastal Bend residents had mixed opinions about the proposal to require food stamp applicants to take a drug test. Emails obtained by the AP, however, "suggest that a plan could be forthcoming", the news outlet noted.

    "Fortnite" Servers Have Been Taken Offline For Maintenance

    As was already mentioned, PUBG Mobile is a completely standalone experience to that of its desktop and console counterpart. Load times reduced by 25-30 seconds as a result of these changes on Xbox One and around 10 seconds on PS4.
    Wenger believes Mkhitaryan will be back at Arsenal within two weeks

    Wenger believes Mkhitaryan will be back at Arsenal within two weeks

    After that, you could see their energy drop again and we could wait for another counter-attack and we scored the second goal. I thought we showed a lot of maturity in the last 20 minutes.