SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
TOP Security!
21 Apr 2016

420 million Android devices don't get security updates

Google bust out the data to prove doubters wrong about the quality of Android security.
 

But, according to its second-ever yearly Android security report, issued Tuesday, as many as 420 million active devices are not supported by its patches, leaving a large number open to possible attack.

According to Google’s data, nearly 30 per cent of all active Android phones and tablets (of which there are 1.4 billion at last count) are on a version that do not receive patches. Anyone running an Android version below 4.4.4 does not currently receive security updates from the tech titan. Google, for obvious reasons, recommends users run the most up-to-date operating system. But there’s some good news: even the most high-profile vulnerabilities don’t seem to have been exploited by hackers. Despite the widespread concern around the Stagefright vulnerabilities, which affected nearly 1 billion phones, no successful exploits were ever reported.

And few devices, according to Google’s data, ever get infected with malware. Google claimed fewer than one per cent of devices (roughly 14 million) running the world’s most popular operating system had a Potentially Harmful Application (the company’s term for apps that exhibit some kind of malicious or irksome behaviour) installed during 2015. That’s as long as they were running Google Mobile Services — a collection of Google apps and tools that partners like Samsung or HTC can run by default if they so choose.

The most troublesome malware in 2015 was Ghost Push, which masqueraded as a legitimate app and attempted to install more malware once on an Android device by first rooting the phone. Google found more than 40,000 apps formed that part of the Ghost Push family, both within and outside the Google Play Store. It logged more than 3.5 billion installation attempts for the malicious apps, but the report claimed the number of affected devices was around the four million mark.

Google security improvements

The Mountain View giant has been pushing hard on security, following criticism of both its policies on Google Play admission and the dangers inherent in the fragmented Android ecosystem, where patching of vulnerabilities is mixed at best. In the last year, the Android security team, led by Adrian Ludwig, announced monthly security releases, a bug bounty programme with awards of up to $38,000 per vulnerability, and a promise to warn app developers when their software contained a concerning weakness. Of all patches issued last year, 42 per cent of the Critical, 22 per cent of the High and nine per cent of the Moderate flaws were found by Google staff, which includes the Project Zero elite team dedicated to finding previously-unknown vulnerabilities.

Overall, Google handed out $210,161 in Android bug bounties in 2015 (it only launched the Android-specific programme in July) for 30 Critical, 34 High, 8 Moderate and 33 Low severity issues (usually Low rated bugs are not rewarded). Google also claimed to have improved the security in more than 100,000 applications through its warning system.

And it said in 2015 alone it had carried out 400 million automatic security scans per day on devices running Google Mobile Services. Google didn’t report back on any attacks that didn’t use malware, such as man-in-the-middle snooping on phones over networks or in-memory hacks. Acquiring intelligence on such attacks might be tricky, given their surreptitious nature.

Tags:
Android information leaks Google
Source:
Forbes
1919
Other NEWS
3 Jul 2020 safeum news imgage An encrypted messaging service has been infiltrated by police
4 May 2020 safeum news imgage Two-Factor Authentication ​What Is It and Why You Should Use It
12 Dec 2019 safeum news imgage Encryption is under threat - this is how it affects you
4 Nov 2019 safeum news imgage Should Big Decisions Be Based on Data or Your Intuition?
7 Jun 2018 safeum news imgage VPNFilter malware infecting 500,000 devices is worse than we thought
4 Jun 2018 safeum news imgage Hackers target Booking.com in criminal bid to steal hundreds of thousands from customers
1 Jun 2018 safeum news imgage Operator of World's Top Internet Hub Sues German Spy Agency
30 May 2018 safeum news imgage US says North Korea behind malware attacks
29 May 2018 safeum news imgage Facebook and Google targeted as first GDPR complaints filed
25 May 2018 safeum news imgage A new reason to not buy these cheap Android devices
24 May 2018 safeum news imgage Flaws in smart pet devices, apps could come back to bite owners
23 May 2018 safeum news imgage Google sued for 'clandestine tracking' of 4.4m UK iPhone users' browsing data
21 May 2018 safeum news imgage LocationSmart reportedly leaked phone location data onto the web
18 May 2018 safeum news imgage The SEC created its own scammy ICO to teach investors a lesson
17 May 2018 safeum news imgage Thieves suck millions out of Mexican banks in transfer heist
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015