Security

Manufacturers Caught Lying About Device Security

When you purchase a new Android smartphone, you want to feel assured that the company you chose is doing their best to protect your security. Unfortunately, a recent study by a German security firm showed that a majority of manufacturers we’ve instilled with our trust might not deserve it. Over 1,200 different smartphone from over a dozen vendors have security holes that leave your device and your personal information vulnerable to hackers who can exploit these vulnerabilities.

Begin Protecting Your Device
One way to start protecting your Android if manufacturers aren’t doing it is to use a reliable third-party app like dfndr security. Take advantage of a full virus scan feature and anti-hacking technology that fights any malware threats or phishing attempts. With 21 other great features included, you may not be able to control your manufacturer, but you can stay one step ahead of hackers.

Who is Guilty and Why
The study found that manufacturers who are leaving security gaps in their systems and may be attempting to deceive customers include Google, Sony, Samsung, Wiko Mobile, Xiaomi, OnePlus, Nokia, HTC, Huawei, LG, TCL, Motorola, and ZTE. As you can imagine, these companies are not small players in the Android market. At the top of the charts, Samsung holds almost 48% market share around the globe, putting nearly half of all Android users at risk. But, how exactly are these manufacturers deceiving their customers?

According to the study, the manufacturers have been claiming within their devices’ settings that all security and system patches are up to date when they are actually behind. This practice of deceit not only leaves Android phones vulnerable but also calls into question the validity of a manufacturer’s security practices. In order to find the cleverly hidden lie, the firmware of many devices had to be carefully examined.

For Some, The Problem is Worse Than Others|
Companies with a mix of patched and unpatched devices or only behind by a single patch includes Google, Sony, Samsung, and Wiko Mobile. However, of those noted previously, companies HTC, Huawei, LG, Motorola, TCL, and ZTE are at least 3 or more patches behind. While Google is the company that issues patches for the Android operating system, it’s the responsibility of each manufacturer to deliver patches to their line of handsets accurately.

Some Light at the End of the Tunnel
Luckily, there could be a possible solution. Google has begun implementing a new project they have dubbed Treble. The project attempts to fix manufacturer patching issues by putting more control of Android’s core back into the hands of Google. What this means is your device could be updated as soon as a patch is released without having to wait for a manufacturer. While Treble has been included in Android 8.0 Oreo, not all devices currently support it. However, the good news is the project will be implemented on all Android devices moving forward.

PSafe Newsroom

The dfndr blog is an informative channel that presents exclusive content on security and privacy in the mobile and business world, with tips to keep users protected. Populated by a select group of expert reporters, the channel has a partnership with dfndr lab's security team. Together they bring you, first-notice news about attacks, scams, internet vulnerabilities, malware and everything affecting cybersecurity.