科技创新!
Android's open OS makes phones vulnerable to attack, report says
Don't chuck your Android phone across the room in fear just yet.
A report from the security firm Kryptowire, via Wired, shows that many Android phones are stunningly vulnerable thanks to Android's open operating system. But while this report is concerning, the real-world threat it poses to actual Android phone users might not be that big of a deal.
SEE ALSO: Why 'Fortnite' bypassing Google Play could be a security nightmareKryptowire analyzed 10 Android devices supported by U.S. carriers, and found that bugs in the firmware — the permanent pre-loaded software responsible for running the phones — left them open to attack by a malicious app.
"Pre-installed apps and firmware pose a risk due to vulnerabilities that can be pre-positioned on a device, rendering the device vulnerable on purchase," an overview of the report reads.
Kryptowire conducted the study under a grant from the Department of Homeland Security. That's notable because some of the phones it analyzed come from Chinese firm ZTE. The federal government has prohibited military employees from using ZTE and Huawei phones, and the intelligence community has also advised that they could pose a broad national security risk, if used by China to spy on U.S. citizens.
According to Kryptowire, if a ZTE ZMax phone user downloads a malicious app, the app could do everything from gain total control of the phone — sending text messages or wiping it clean — to mine it for user data. Other affected phones came from Vivo, Sony, and Sky, among others.
The vulnerability is what Wireddescribes as a "byproduct" of the Android OS business strategy: it lets third-party companies like ZTE modify the code. That ability to modify, which is what makes Android an attractive OS for phone makers, is also what's responsible for the cracks that might allow a malicious app to take over.
While all this sounds alarming, there's one important thing to remember: Bad actors don't have the ability to exploit these vulnerabilities unless a phone user downloads an app. Apps that go through the Google Play store are subject to stringent review that should prevent a malicious app from even seeing the light of day.
So unless you're already downloading apps directly from their makers, or using a non-Google verified app service, your Android phone *should* be secure. The popular game Fortnite has been in the news because it will be available directly through Epic Games' website.
This has raised all sorts of questions about the merits of an app developer stepping away from Google Play. Doing so allows the developer to skirt around Google's 30 percent cut, but this Kryptowire report reinforces security concerns we were already thinking about. Downloading the street meat of apps already makes you vulnerable, we know that — Kryptowire's revelations just make that possibility a little worse.
Phone makers need to address the issues that Kryptowire brought to light. But fear not, Android users: Chinese hackers probably won't be taking over your phone any time soon.
Featured Video For You
友链
外链
互链
Copyright © 2023 Powered by
Android's open OS makes phones vulnerable to attack, report says-天兵天将网
sitemap
文章
14
浏览
93
获赞
5
热门推荐
Activists use London Fashion Week to make a powerful statement about the Grenfell Tower tragedy
It's been nearly two years since the Grenfell Tower Fire in London, which resulted in the death of 7Donald Trump is the biggest roadblock to new net neutrality bill
The latest battle between arch-enemies Nancy Pelosi and Donald Trump could be the internet.On WednesFormer Swedish prime minister has the best time videobombing a live interview
Whatever Carl Bildt is drinking, we want a double.With a mysterious white cup in hand, the former SwApple might add third rear camera to this year's 'iPhone 11'
The marquee feature on this year's new iPhones, tentatively called the "iPhone 11," could be a thirdMeghan and Harry reveal their newborn son's name
The Duke and Duchess of Sussex have announced their newborn son's name: Archie Harrison Mountbatten-Someone has created a guide to ghost fashion and it's horrifyingly brilliant
Just because you're no longer alive and you have to travel around in a white sheet doesn't mean youMicrosoft bolsters cloud security with more AI threat detection
The Satya Nadella era at Microsoft has been defined by one overarching theme: everything ties back tFormer Swedish prime minister has the best time videobombing a live interview
Whatever Carl Bildt is drinking, we want a double.With a mysterious white cup in hand, the former SwSomeone is trolling a senator with mean fortune cookies
Back in my day, people sent hate mail to their representatives the good old fashioned way -- with leSamsung's annoying Bixby button is finally customizable
Samsung's new Galaxy S10 series is the company's third lineup of flagship phones to come with BixbyFacebook belatedly makes it harder to run some discriminatory ads
Nothing like finally doing the right thing after being sued and browbeaten into it. Sort of. ScandalSamsung's annoying Bixby button is finally customizable
Samsung's new Galaxy S10 series is the company's third lineup of flagship phones to come with BixbyThe 'Car Alarm Challenge' is here to shatter everyone's eardrums
We regret to inform you that one of the most annoying sounds in the world has inspired an internet cTwitter says it will publish 'case studies' on banned accounts
Twitter may soon start opening up more about some of its most controversial decisions.The company'sThe government won't require people to fax their consent forms anymore
Finally, Congress has the courage to face the scourge of our nation head on: the fax machine!Well, a