50% of Android devices have vulnerabilities
According to one study, about half of the existing Android phones (250 million worldwide) would present serious vulnerabilities that could be resolved through updates that do not quite reach the end users.
The study was conducted by the company Duo Security (specializing in computer security) by taking a sample of about 20 000 Android phones, which were scanned for vulnerabilities through an application called “X-Ray”, downloadable for free from its website .
These vulnerabilities could be exploited by malicious applications that are often placed successfully in both the Google Play Store as specialized websites, because they can be added to this app store without preflighting Google. Additionally, there are many applications available easily pirated for download on various websites, which often have malware.
The way to resolve these vulnerabilities is updated version of android, quite complex due to the high number of brands and models available, in addition to its various versions, which leaves us with an extremely high number of possible combinations.
The responsibility to provide such updates is the operator by the manufacturer, but in many cases, phones are upgradeable not receive any updates, so it is the user who must perform the update manually (thanks to open source projects like Cyanogen or MIUI). However, this process is not easy and involves certain risks, such as leaving the phone unusable in case of a failure during the update process.
“Yes, it is a scary number, but exemplifies how important a speedy update for mobile security and how poor are the updates offered by operators and manufacturers so far”
said CTO of Duo Security, Jon Oberheide.
The worst of it is that we do not see a major change in the short term, despite Google’s efforts to limit fragmentation, since in many cases certain manufacturers seem to have no interest in providing updates despite requests and pressures user groups. Do they bet the manufacturers and operators to planned obsolescence? The facts seem to say yes.
That is why the two latest versions of Android (4.1 and 4.0 Jelly Bean Ice Cream Sandwich) yet have a low level of implementation, although Ice Cream Sandwich was released over a year ago.
The solution must come trialogue between Google, manufacturers and operators, in order to provide the user with more frequent updates to allow yourself less vunerables phones attacks of malicious applications.Tags: Android, Google, X-Ray