Reuters – Google Inc and Samsung Electronics
Co will announcement monthly security fixes for Android phones, a growing
target for hackers, after the expose of a bug designed to attack the world’s
most popular mobile operating system.
The change came after security investigator
Joshua Drake unveiled what he called Stage fright, hacking software that allows
attackers to send a superior multimedia message to an Android phone and access
sensitive content even if the message is unopened.
“We’ve realized we need to move faster,”
Android security chief Adrian Ludwig said at this week s annual Black Hat
security meeting in Las Vegas.
Earlier, Google would develop a patch and
distribute it to its own Nexus phones after the finding of security flaws.
But other manufacturers would wait until they
wanted to update the software for different aims before pushing out a fix, revealing
most of the more than 1 billion Android users to potential hacks and fiddles
until the fix.
Ludwig also said Google has made other
security changes. In an interview, he told Reuters that earlier this year the squad
broke out frequency rates of malicious software by language. The rate of
Russian-language Androids with possibly harmful programs had spiked suddenly to
about 9 percent in late 2014, he said.
Google made its incompletely weekly security
scans of Russian phones more frequent and was able to reduce the problems to
close to the global norm.
Ludwig said improvements to recent versions of
Android would limit an attack s effectiveness in more than nine out of 10 mobiles,
but Drake said an attacker could keep trying until the gambit worked. Drake
said he would release code for the attack by August. 24, putting pressure on
manufacturers to get their patches out before then.
Nexus phones are being efficient with
protection this week and the vast majority of major Android handset makers are
following suit, Ludwig said.
Samsung Vice President Rick Segal recognized
that his company could not force the telecommunications carriers that buy its
devices in unpackaged to install the fixes and that some might do so only for
higher-end users.
“If it’s your business clients, you’ll push
it,” Segal said in an interview. Samsung is the largest maker of Android
phones.
Ludwig said countless Android security scares
were overblown. He added that only about one in 200 Android phones Google can
peer into have any hypothetically harmful applications installed at any point.
Drake noted that those figures exclude some
products, including Fire products from Amazon, which use Android.
As with Apple s iPhones, the biggest
security risk comes with apps that are not downloaded from the authorized
online stores of the two companies.
Stolen files from Hacking Team, an Italian
company selling snooping tools to government agencies around the world, showed
that a key avenue was to encourage targets to download legitimate-seeming
Android and iPhone apps from imposter websites.
0 comments:
Post a Comment
Don't Forget to Share and Comment