Linux Bug Puts Android Devices at Risk
A Linux bug revealed earlier this month also potentially puts up to 80 percent of Android devices at risk, according to security firm Lookout.
SecurityWatchThe TCP vulnerability—revealed by researchers from University of California, Riverside and the U.S. Army Research Laboratory—"allows an attacker to remotely spy on people who are using unencrypted traffic or degrade encrypted connections."
Since Android is based on the Linux kernel, any Android-based device running Linux Kernel 3.6 is affected, Lookout said this week. Android versions running 4.4 KitKat or above—about 80 percent of all Android devices, according to data from Statista—are therefore at risk, it estimates.
"The issue should be concerning to Android users as attackers are able to execute this spying without traditional 'man-in-the-middle' attacks, through which they must compromise the network in order to intercept the traffic," according to Lookout.
SecurityWatchThe TCP vulnerability—revealed by researchers from University of California, Riverside and the U.S. Army Research Laboratory—"allows an attacker to remotely spy on people who are using unencrypted traffic or degrade encrypted connections."
Since Android is based on the Linux kernel, any Android-based device running Linux Kernel 3.6 is affected, Lookout said this week. Android versions running 4.4 KitKat or above—about 80 percent of all Android devices, according to data from Statista—are therefore at risk, it estimates.
"The issue should be concerning to Android users as attackers are able to execute this spying without traditional 'man-in-the-middle' attacks, through which they must compromise the network in order to intercept the traffic," according to Lookout.
Still, Lookout said the flaw is of "medium severity," since exploiting it isn't easy. A patch was released on July 11, but "checking the latest developer preview of Android Nougat, it does not look like the Kernel is patched against this flaw."
As a result, "if you're running an enterprise mobility program, a number of Android devices are potentially vulnerable to a serious spying attack," Lookout said.
For now, Lookout recommended that users encrypt communications and use HTTPS connections whenever possible. Coding on rooted Android devices can also be modified to enhance security.
As a result, "if you're running an enterprise mobility program, a number of Android devices are potentially vulnerable to a serious spying attack," Lookout said.
For now, Lookout recommended that users encrypt communications and use HTTPS connections whenever possible. Coding on rooted Android devices can also be modified to enhance security.
8 Android Nougat features
Google has announced the name of its next mobile OS as Android Nougat and it's coming very soon. Here are the 8 most exciting features you can expect from the latest version.
The final developer beta preview of Android 7.0 Nougat has been seeded to developers, meaning the upcoming OS could be in for a release hopefully very soon. Following on from Marshmallow, Nougat – we still would have called it Nutella – brings a whole load of new tweaks to the Android ecosystem.
So what kind of sweet treats does Google have in mind for its new mobile OS? Allow us to chew it over.
So what kind of sweet treats does Google have in mind for its new mobile OS? Allow us to chew it over.
No comments:
Post a Comment