Tech

87% of Android phones are vulnerable to hackers, researchers warn

Updated: 2015-10-15
Share this news?...Click box   Bookmark and Share
Read more on: Android phones   Android devices  

Researchers found that on average 87.7% of Android devices are exposed to at least one of 11 known critical vulnerabilities - and say manufacturers, not Google, are to blame.
    
The huge number of Android handsets from different manufacturers combined with the number of different versions of the software has left millions of handsets vulnerable to hackers, a new study has claimed. 
   
Researchers analysed the handsets and software they were running. 
  
'We find that on average 87.7% of Android devices are exposed to at least one of 11 known critical vulnerabilities,' the Cambridge team concluded.

The study uses data collected by the team's Device Analyzer app, which is available from the Google Play Store. 
  
Daniel Thomas and Alastair Beresford, the pair behind the study, blame phone makers. 
 
'The app collects data from volunteers around the globe and provides us with the statistical data we need' said Daniel Thomas, lead author of the study. 
 
'We have used data from over 20,000 devices to support our results, but we're keen to recruit more contributors.' 
  
'The security community has been worried about the lack of security updates for Android devices for some time,' said Dr Rice, 
 
'Our hope is that by quantifying the problem we can help people when choosing a phone and that this in turn will provide an incentive for manufacturers and operators to deliver updates.' 
 
'Google has done a good job at mitigating many of the risks,' said Dr Beresford 
 
'and we recommend users only install apps from Google's Play Store since it performs additional safety checks on apps. 
 
'Unfortunately Google can only do so much, and recent Android security problems have shown that this is not enough to protect users. 
 
'Phones require updates from manufacturers, and the majority of devices aren't getting them.'
 
'The security of Android depends on the timely delivery of updates to fix critical vulnerabilities,' the pair wrote in the new paper. 
 
'In this paper we map the complex network of players in the Android ecosystem who must collaborate to provide updates, and determine that inaction by some manufacturers and network operators means many handsets are vulnerable to critical vulnerabilities.' 
 
'On average over the last four years, 87% of Android devices are vulnerable to attack by malicious apps,' they said on a blog post explaining the research. 
  

After the participants opted into the survey, the University says it collected daily Android version and build number information from over 20,400 devices. 
   
'This is because manufacturers have not provided regular security updates. 
 
'Some manufacturers are much better than others however, and our study shows that devices built by LG and Motorola, as well as those devices shipped under the Google Nexus brand are much better than most. 
  
The pair also created a special site to check phones for vulnerabilities. 
 
The paper concludes that 'the bottleneck for the delivery of updates in the Android ecosystem rests with the manufacturers, who fail to provide updates to fix critical vulnerabilities.' 
 
'Unfortunately something has gone wrong with the provision of security updates in the Android market,' the study said. 
 
'Many smartphones are sold on 12–24 month contracts, and yet our data shows few Android devices receive many security updates.' 
 
Android devices receive, on average, 1.26 security updates per year, resulting in long stretches of time where the devices are at risk. 
  
'The difficulty is that the market for Android security today is like the market for lemons,' the study says. 
 
'There is information asymmetry between the manufacturer, who knows whether the device is currently secure and will receive security updates, and the customer, who does not.'
 
However, the team admit Google is not to blame.
 
'Google has done a good job at mitigating many of the risks, and we recommend users only install apps from Google's Play Store since it performs additional safety checks on apps.
 
'Unfortunately Google can only do so much, and recent Android security problems have shown that this is not enough to protect users.
 
'Devices require updates from manufacturers, and the majority of devices aren't getting them.

SOURCE:
dailymail.co.uk
 
Editorial Message
This site contains materials from other clearly stated media sources for the purpose of discussion stimulation and content enrichment among our members only. 
whatsonxiamen.com does not necessarily endorse their views or the accuracy of their content. For copyright infringement issues please contact editor@whatsonxiamen.com
Share this news?...Click box   Bookmark and Share
Comments Area ( Total Comments: 1 )
GracySmith commented on 13 Sep 2017
Nice update keep sharing . QuickBooks established with a mission to provide the facility for accounting purpose where users can manage their all kind of accounts and statics hassle free. Users can avail the facility to resolve their technical issues through QuickBooks tech support +1-855-861-4161 24x7.