Menu
Ju Peng Story Fabricated by Dating App Maker

Ju Peng Story Fabricated by Dating App Maker

Amazon Countdown to Black Friday 2014 Sale Announced

Amazon Countdown to Black Friday 2014 Sale Announced

Microsoft Band and Microsoft Health Announced

Microsoft Band and Microsoft Health Announced

Captain Marvel and Black Panther Marvel Superhero Movies Announced

Captain Marvel and Black Panther Marvel Superhero Movies Announced

Xbox One Limited Edition Call of Duty: Advanced Warfare Bundle is $50 Off

Xbox One Limited Edition Call of Duty: Advanced Warfare Bundle is $50 Off

Fragmentation Bites Android In the Butt, Makes YOU Less Safe

May 17 2011, 1:10pm CDT | by , in News | Technology News

Fragmentation Bites Android In the Butt, Makes YOU Less Safe
 
 

Google's OS is too big and too disorganized to stay safe.

If you're an Android smartphone owner, congratulations! There's a 99% chance your phone is vulnerable to an extremely devastating exploit. Security researchers recently uncovered a vulnerability in Android 2.3.3 and earlier. Due to an incorrect authentication protocol, authentication tokens for several apps are being sent in unencrypted cleartext.

An AuthToken works for up to 14 days and can be used to gain access to a 'secure' account. Google Calendar, Contacts and more are believed to be at risk. One researcher described the exploit as "quite easy" to do. Google has already released a fix for the issue but, thanks to the shocking state of Android fragmentation most users do not yet have it. An estimated 99% of Android phones are still unprotected.

This brings us to the major issue fragmentation poses for the future of Google's mobile operating system. An OS like Windows has no trouble pushing updates to millions of users. They may not all choose to download it when prompted, but Microsoft has the ability to offer every legal Windows user a fix as soon as it becomes available. That isn't even an option for Google.

There are many Android devices running weird custom UIs and filled with carrier bloatware that can't rely on the 'stock' Google updates to fix their problems. What if your phone still runs Android 2.1? Or if it has the Sense UI? And what if your carrier decides they don't want to push the update right then? You're left high and dry- and very vulnerable.

The longer Android's reign continues, the more often problems like these are going to crop up. So far, Android has thus far avoided a cataclysmic information disaster ala the PSN hack. But they aren't invulnerable and you can trust that there are very smart people working to exploit the OS right now. If Google doesn't find a way to keep the mass of Android users secure, they risk losing consumer confidence.


You trust a lot of data to your smartphone. You give it your name, address, email, password info, credit card details and every least snippet of your private life. We like to think these little plastic and metal boxes of secrets are secure. News like this underscores the fact that, past a certain point, the average person is helpless to maintain the sanctity of his or her own secrets. We have to rely on Google for that. And it looks like Android has grown to big now for even them to control.

Recommended For You

Comments

blog comments powered by Disqus