If you are using Android, you may have been lied by your manufacturer about security updates
Just like that, the Android update is still not bad enough.
Android phones are still famous for slow updates - as in the most recent update in February, only 1.1% of Android users get the latest version - but obviously this has deep causes. more complicated than we thought.
Wired reported that research organization Security Research Labs (SRL) said that many Android manufacturers have lied to their users about security patches.
Karsten Nohl and Jakob Lell spent 2 years analyzing Android devices, checking whether they were actually installed the security patch as said. They discovered that many devices lacked a lot of patches while still being confirmed to be updated. They call this a patch gap.
The lack of patch sale is no coincidence. According to Wired, SRL has checked the update of each patch for the firmware of 1200 phones from Google, Samsung, HTC, Motorola, ZTE and TCL last year. As a result, even Samsung or Sony high-end segment phones are sometimes lacking.
Whether deliberately or not, this is obviously not good at all because users need to be best protected by the latest security updates. Thinking that I was protected while not so could lead to worse things. To help users, SRL has a tool called SnoopSnitch on the Play Store that analyzes the installed versions and firmware.
Whether it is updated or not, at least users should know the truth
Not all manufacturers are the same. In general, Google, Samsung or Sony sometimes lack, and ZTE or TCL is much worse when it lacks up to 4 (or more) patches compared to what they say.
As for Google, they told Wired that 'We have conducted a review of each OEM, see the device's compatibility certificate', and said it will investigate further. Google also explained some of the problems that SRL found out about ignoring the patch, that they might delete from the device, or some phones that lacked the official Android security certificate from Google.
Google sent to The Verge:
'We want to thank Karsten Nohl and Jakob Kell for their efforts to increase the security of their Android ecosystem. We are working with them to improve the mechanism of detecting situations where users choose other security updates instead of the one Google suggests. Security patch is one of many layers used to protect Android users. Platform-based integration methods such as application sandbox, security services like Google Play Protect, are equally important. These layers of security - along with the variety of Android ecosystems - also contribute to the researchers 'assumption that exploiting Android devices is still a challenge.'
See more:
- Appearing dangerous Android malicious code specializing in stealing chat content on Facebook Messenger, Skype .
- Microsoft blocked Windows 7 security updates without antivirus software
- Galaxy Note 8 officially launched Android 8.0 Oreo, did you know how to update?
Interested users download SnoopSnitch here.
You should read it
- Things to know about Android security patches
- Microsoft released an updated patch for 25 critical security holes
- List of links to download BIOS updates for Meltdown and Specter
- Microsoft blocked Windows 7 security updates without antivirus software
- How to Check for Updates on Android Phone
- How to protect the computer against Meltdown vulnerability on CPU?
Technology story
Mozilla launched Firefox 11.0 for iOS, which turned on anti-tracking by default
Samsung is sued for copyright infringement on the Galaxy S line
Vietnamobile has continued to offer a huge incentive to Saint SIM on the occasion of their 9th birthday
Where to see live the Champions League semi-final draw today?
Sony expanded its memory card product line with Cfast
Samsung Galaxy Note 9 phone can be released in early July or August this year