INSUBCONTINENT EXCLUSIVE:
Your favorite phone maker may be delivering security updates at a steady pace, but a new report states that your smartphone may still be
vulnerable to the next major exploit.That’s because crucial patches are commonly skipped over by some of the most prolific players in the
smartphone market, according to in-depth findings from Security Research Labs (SRL).Across a relatively large sample size, companies like
Google, Samsung and Sony seem to be strong enforcers of including each patch within its security updates
On the other hand, ZTE, Huawei, LG, HTC, Motorola and other big names appear to omit, at times, several patches from its releases
SRL doesn't specify phone models, but states that its testing was limited to phones that were patched during and following October 2017
In other words, the testing likely includes the latest and greatest flagship phones.How does this happenIt’s hard to exactly pin down why
some companies don’t include patches for each bug in a security update
It could come down to a lack of resources, the sheer difficulty of adapting the work across multiple devices, or the hope that the next
Stagefright-scale attack won’t happen again soon.In a statement provided to TechRadar, a Google spokesperson told us that there are cases
in which some devices use “an alternate security update instead of the Google suggested security update”
But even so, Android has other stop-gap measures to keep users safe, including application sandboxing (this limits an application from
running within a larger code environment) and the relatively new Google Play Protect feature that debuted in 2017.What does this mean for
The research firm notes that a missing patch doesn’t necessarily point to guaranteed vulnerabilities, but the big takeaway is that your
Android phone may not be as secure as you’re being led on to believe
Of course, Google is the best at sticking to security updates, but owning the Google Pixel 2 isn’t critical to staying safe as an Android
user.As more manufacturers get on board with consistently delivering monthly updates, it’s critical that each ensures that the proper
And while this seems like a tough job to keep up with as a consumer – the onus is on the software makers – the authors of the report
stated that the app SnoopSnitch will allow you determine if your updates cover the wide swath of patches necessary to stay as safe as
But if you just want to just not worry about it (we feel you), the tail-end of Google’s statement asserts that you can do just that:
“These layers of security—combined with the tremendous diversity of the Android ecosystem—contribute to the researchers' conclusions
that remote exploitation of Android devices remains challenging.”SRL states that despite the present situation, it’s a vast improvement
over 2016, as told by a report from Duo – a time when only 17% of Android phones and tablets were running the most recent patch.Via The
