Previous Story
Google And Samsung Will Now Release Monthly OTA Android Security Updates
It is analogous to your brain that gives the signal to, for example, to raise your right hand when you want to. Receiving it does the trick. That is, with no trickery required on the part of the attacker to get the user to click links or download a malicious file. The vulnerability leaves almost a billion Android phones exposed. The rewards include smaller payouts for simple bug finding, similar to the bounty system for Chrome, but for full exploit chains showing a bug, exploitable proof of concept, and resulting in gaining access to the TrustZone in Android, the payout could net up to $38,000 for researchers.
On Wednesday, Google told NBC News in an email that 90 percent of Android devices were actually protected with a programming technique called “address space layout randomization” (ASLR).
Perhaps quite a few, after reports of a major security flaw affecting millions of Android devices. In the US, Sprint will issue updates to the Nexus 5, Nexus 6 and Samsung devices to fix the so-called Stagefright security exploit. Samsung will also release monthly security updates for select devices.
Less specifics details of Samsung’s plans are known, but the company says it is in talks with various carriers about how to implement the updates, which will also come “about once a month”.
But it’s not going to be enough.
Android typically lags behind iOS when it comes to the uptake of a new operating system due to the sheer number of different smartphone models in circulation.
Android Pit pointed out, however that the two circular holes on the back of the phone have one with a raised cut-out, and the other with a flat case-edge. It’s an impossible task. “This security update contains fixes for issues in bulletins provided to partners through July 2015, including fixes for the libStageFright issues”, Ludwig wrote in a blog post explaining the changes. It’s a limited sample size, and may not take into account all markets (though they do say they have devices from China).
Android is an open source operating system, meaning anyone can take the software and put it on their phone or tablet. On the other hand, Android fragmentation has a positive side effect.
In addition, Nexus devices will get security updates every single month.
That’s particularly bad when someone discovers a security vulnerability in Android.
Put it all together and these devices have a long update cycle.
Android isn’t the only mobile platform that’s vulnerable to attacks.
