Fake android security updates!! - People, World and Technology

Breaking

Monday 16 April 2018

Fake android security updates!!

For a very long time, Google has been struggling to make it's widely popular android operating system as secure as possible by constantly updating the software and providing the latest security patches frequently. But, the fact that I mentioned the word 'struggling' is very intentional because although Google has been releasing the android security patches, but the other phone manufacturers which ship their smartphones with the android operating system have largely failed to deliver these security patches to the end-user.
fake android updates

There are some manufacturers like Samsung, LG and Sony which do provide updates for their smartphones albeit their high-end flagship devices but that too are delayed. Google's initiative like the Android ONE smartphones and the new Google Pixel devices have tried to shrink that gap but has mostly failed. It is likely that you might not have received more than one update from the day you bought your smartphone and even if you tell me that you are regularly receiving updates from your manufacturer then today I have something that might just blow up your mind!!

According to researchers at the Security Research Labs, Germany - Karsten Nohl and Jakob Lell have revealed that most of the smartphone manufacturers are skipping android security updates frequently. What this means is that, although your device may show that it's running on the Google's latest android security patch, it still possibly could have been missing some of the android security updates which were released in the past. They have called this as "Patch Gap".

This is very surprising as this gives us a hint as how much does the security of a user mean to these giant companies. The companies are providing fake updates to the user which do not provide any added functionality or improvements but are merely a date change exercise for the smartphones. No patch is installed on the device instead, the date of the current security level changes, fooling the user that he/she is on the latest version of the security patch and protected from the newly discovered exploits.

Although, hacking a smartphone which is missing a few of the android security patches is not an easy task and it would require a highly skilled hacker to get some valuable information out of the device using the unfixed exploits. But, the point here is not how secure our device is before and after the updates, it is about the shady dark world in which most of the users are kept by these large firms.

And it is not just the lower level smartphone manufacturers who have been an active participant in this frequently missing of the security patches or the "Patch Gap" as termed by researchers at Security Research Labs. Some very well reputed smartphone brands such as Samsung, LG, Sony and many more also have devices that have received updates and still miss some patches.

Researchers at SRL, Germany have studied a total of 1200 devices and after careful examination of the devices from various smartphone manufacturers they classified the companies into categories on basis of the number of security patches that most of their devices were missing. The table is shown below.

Missed Updates
0-1
1-3
3-4
4+
Vendors
Google
Samsung
Sony
Wiko
Xiaomi
Oneplus
Nokia
HTC
Huawei
Motorola
LG
ZTE
TCL

What are your opinions on this deceptive move from the tech giants. Let us know in the comment section below.

No comments:

Post a Comment