Android Device Makers Need To Do More To Protect Users From Old Bugs, Per Study
According to a new study conducted by University of Cambridge from the United Kingdom, almost 90 percent of all Android powered mobile devices are at risk because of the Android device makers’ failure to deliver patches. When it comes to evaluating Android run smartphones, mobile users, regulators, and corporate buyers all face a similar problem -- not one of them has any idea which smartphone vendor will supply the patches right after Google has developed the fixes for various security bugs present on its Android mobile operating system.
As noted by Daniel Thomas, Alastair Beresford and Andrew Rice in their study, the market for Android security patches has become similar to a market for lemons. What is happening now is that the maker of Android devices knows whether their products are secure in terms of Android path updates, but the end user, unfortunately, is entirely clueless whether his or her smartphone or tablet, has been updated to the latest fixes.
Thomas, Beresford and Rice collected information from more than 20,000 Android mobile devices that have been installed with the Device Analyzer mobile app. Their data indicates that 87 percent of Android powered handsets were vulnerable to at least one of 11 security bugs in the public domain in the past half decade, which includes the recently found TowelRoot issue (Cyanogen has fixed this in 2014), and FakeID.
The trio of researchers also discovered that Android powered devices on average get 1.26 updates every year. As explained by Rice, the security community for some time now has bemoaned the lack of security updates for various Android handsets, and he hopes that the research they conducted can help consumers decide on which devices to purchase (in consideration of security factors), as well as give an incentive for device makers and wireless carriers to be more diligent in the prompt delivery of security updates.
With recent reports of a couple of new Stagefright bugs, it is imperative for device makers to be more proficient in rolling out patches. South Korean tech giants like Samsung and LG have expressed commitment in following Google in the proper scheduling of monthly security update rollouts, particularly for Google Nexus mobile devices. But for Taiwanese phone maker HTC, monthly updates do not seem feasible, because of the bottleneck in the wireless carrier testing phase, especially with regards to devices that need to be certified by network operators.
Still, the fact remains that security patches need to be more available to end users quickly. According to the study that Google, LG, and Motorola were better at this area compared to Samsung, HTC, and Asus.
Related Blog Articles
- Aging Your Smartphones: How Attackers Do It
- Verizon Adds 1.3 Million Net New Customers In Third Quarter Of 2015
- iOS 9 Achieves 61 Percent Adoption Rate Among iOS Users
- US Mobile Makes Changes To Voice, Data Pricing Structure
- Is Your Cable Company Using Metered Data?
- Introducing AirConsole: A Games Platform That Turns Smartphones Into Controllers
- Ericsson CEO: 5G Won’t Just Be About Speed
- Is Comcast Planning To Offer Wireless Services?
- Smartphone Shipments In Third Quarter Hit Near-Record Numbers
- New York Launches Investigation into Major Internet Providers
Related Blog Posts
- Caller ID feature coming to all devices with Google’s Phone app
- Caller ID feature coming to all devices with Google’s Phone app
- Here are the devices that LG will update once it stops its mobile business
- Apple & Google’s Exposure Notification Technology for COVID-19 is ready for use
- Steam to launch apps for streaming videos and games to Android and iOS devices