Nearly 3 Million Android Phones Vulnerable To OTA Update Hijacking
Click here to post a comment for Nearly 3 Million Android Phones Vulnerable To OTA Update Hijacking on our message forum
Kaarme
Buy a cheap never-heard-of Chinese brand phone and be surprised about glaring security issues. That not happening would be as surprising as NSA never spying on random people just for the heck of it.
RealNC
Evildead666
I find it criminal that even brand new phones that cost an arm and a leg, only get updates for a couple of years, three if you're lucky.
A perfectly good working phone, but isn't secure due to the manufacturer having deemed it obsolete.
Manufacturers should be obliged to recuperate, and offer monetary compensation for any phone that they have sold, which works perfectly, but cannot be used due to them not providing the updates.
Less phones sold/made every year (who the F**k needs a new phone every year anyway....?).
More recyclyed by the manufacturer, rather than ending in landfill/Africa.
The race to upgrade every year (and even every 6 months) is what killed the Car Industry.
Its not economically feasible in the long run, you just end up with a few large manufacturers making stuff you mostly don't want, but have no other choices...
vbetts
Moderator
schmidtbag
nick0323
I left Android years ago when my phone got stuck on version 2.3 and my tablet got stuck on 3.X. A fragmented nightmare and nothing has changed since. Android these days is fine so long as you buy a phone with pure Android on it.
tsunami231
Reddoguk
You think that's bad. UK just released a study on the UK's cyber security on things like NHS and GP surgeries and many other entities and found they all still running on unsupported OSes and basically have ZERO protection.
In fact a hacker on live BBC news(covering his face and voice) showed how easy it was to get peoples private information and bank details from Dentists and other health care practices and he said they are all running out of date software like Win95 and XP(without any patches). He also mentioned old SSL versions.
Britain is screwed if we ever get a major cyber threat because we've left our nations systems get super out dated and are failing to keep up with cyber crime and attacks.
Clouseau
Going out on a limb, manufacturers have zero interest in pushing patches because it is not their OS. They all signed a third party agreement with Google for the ability to use that OS. If they did not honor that agreement to the "t", Google would have ended their ability to license it from them. So it all boils down to Google holds all the strings. Yes and it is realized that once the agreement is signed, Google washes their hands.
It's a brilliant piece of marketing. How else but through actual real world experience can drive home that one needs to purchase Google's own branded phones, if that is what is cared about. No amount of advertising will change anyone's minds and they know that. So if one is truly tired of all that non-support and security risks, they can always by a Nexus or now Pixel. Expecting a company to do the honorable thing costs. That cost would then be added to those low prices and would no longer be the cheap buys they are.
Kaarme
Dch48
Makes me even happier that my phone runs Windows 10 Mobile and only cost me $60. It gets all the updates.
Labyrinth
Don't blame Google because ****ty manufacturers like Samsung, HTC, LG, etc don't update devices quick enough.
Nexus 4 has 7.1 nougat, meanwhile Scamsung is still on its silly beta programme.
schmidtbag
No1True
And people keep defending cloud, and "what are you hiding" mesages is literally everywhere..
We just want items to work and not create problems for us.. Why cant they create unhackable phones, I mean like unhackable cars.. I mean well cars are hackable now but.. you get the point..
like unhackable monitors, tvs and dishwashers maybe? 🙂
vbetts
Moderator
schmidtbag
Backstabak
The biggest issue is the HW manufacturers. The companies that actually design all the cpus, memories and wifi chips. They have to provide a driver for each of the OS version for their products and they simply don't.
It's expensive for them, since they produce many models. Google can't really fix that and simply pushes the single OS and expects everyone to adapt to it, which is quite reasonable.
The only ones who can do something are phone manufacturers, who can demand driver support for x years. I just don't think they really want to, as they can then simply abandon the phone and have you buy the new one.
PrMinisterGR
I have a $80 Lumia 640 that gets updates at the same time as my desktop. It's on Google's hands. Nothing should stop them from delivering security related system updates.
Labyrinth
Google does release updates every single month.
PrMinisterGR