Home › News ›

Researchers Suggest Phone Makers Mislead Consumers About Security Patches

Article Comments

Apr 12, 2018, 1:19 PM by Eric M. Zeman

Security Research Labs says Android phone makers often miss security patches but still tell owners the phones are up-to-date. Researchers Karsten Nohl and Jakob Lell examined the code of some 1,200 phones from more than a dozen phone makers for every security patch released during 2017. They discovered phones from nearly all makers missed at least some patches. Phones from Google, Sony, and Samsung ranked fairly well, missing an average of just one patch. Phones from Xiaomi, Nokia, and OnePlus missed between one and three patches per update, while devices from HTC, Motorola, LG, and Huawei missed three to four, and phones from TCL (Alcatel) and ZTE often missed more than four patches per update. High-end devices with processors from Samsung or Qualcomm were more likely to updated properly, while low-cost devices with processors from MediaTek were less likely to be updated properly. Nohl and Lell say what's worse than the missed patches are the phone makers' claims to the contrary. "We find that there's a gap between patching claims and the actual patches installed on a device. It's small for some devices and pretty significant for others," said Nohl to Wired. "We found several vendors that didn’t install a single patch but changed the patch date forward by several months. That’s deliberate deception." The researchers claim this lulls consumers into a false sense of security, though they admit that hacking into Android phones through any of the missed patches is a difficult task at best. In response to the data, Google argued that not all the devices researched were Android certified, and that modern Android phones have other security measures in place to protect them. "Security updates are one of many layers used to protect Android devices and users," said Scott Roberts, Android product security lead at Google. "Built-in platform protections, such as application sandboxing, and security services, such as Google Play Protect, are just as important." Still, Google said it would work with Security Research Labs to investigate Nohl and Lell's findings.

Related

Samsung Refreshes Galaxy S Series with S Pen, New Cameras

Feb 9, 2022
Samsung today announced its lineup of flagship phones for 2022: the Galaxy S22 series. The top-end S22 Ultra sees the biggest changes as it essentially absorbs Samsung's Note series with an integrated S Pen stylus and a more Note-like shape and design, instead of the Contour Cut design of the other models.

Qualcomm Driving to Make mmWave 5G More Affordable in 2022

Dec 1, 2021
Qualcomm will make a big push to bring high-speed mmWave 5G to more affordable phones in 2022, according to comments made by CEO Cristiano Amon during a Q&A session at the company's Snapdragon Summit event in Hawaii today. For a phone to support mmWave 5G, multiple specialty antenna modules need to be added, which can raise a phone's price by $50 – 100.

Samsung S24 Series Adds More AI, Updates the Hardware

Jan 17, 2024
Samsung has unveiled its lineup of flagship phones for 2024, the Galaxy S24 series. The phones sport multiple upgrades in both hardware and software compared to last year's models.

Moto Tags Now Available

Aug 2, 2024
Motorola's new Moto Tags go on sale starting today, available from motorola.com and amazon.com. Moto Tags use the new, Bluetooth-based Google Find My Device network and include UWB for short-range, precision location.

Samsung Puts its Best Camera Yet in the Galaxy S23 Ultra

Feb 1, 2023
Samsung has officially unveiled its new flagship phones for 2023: the Galaxy S23 series. The S23 and S23+ have modest upgrades over last year's models, while the S23 Ultra has a significantly upgraded main camera.

more news about:

Comments

This forum is closed.

This forum is closed.

No messages

Page 1 of 1