Android Smartphone Makers Have Been Misleading Users About Security Patches!

'Stolen moments' can turn into gold for mobile advertisers: Google

What they discovered is that many Android OEMs have a "patch gap" and simply update the date shown on firmware to make it look like users are up to date. That can mean frustration for those waiting for the latest and greatest feature updates - and in some cases, it can put your phone at risk with delayed or missed security updates. Compared to flagships, cheaper phones are found to be skipping more patches, which also tend to use cheaper chips.

That's according to a two-year-long study by Security Research Labs (SRL), finding a so-called "patch gap", Wired reports.

NOhl and Lell chose to carry out an investigation on the Android smartphones who received and install the latest Android updates.

Phones with Mediatek chipsets are far more likely to deceive users about the latest updates.

NOhl said in an interview on Thursday that, the patching problems that occur on smartphones can be blamed due to the complexity of the Android ecosystem and poor quality control. However, SRL researchers Karsten Nohl and Jakob Lell believe that several manufacturers are informing users that their devices have been updated, when they are actually missing important patches pushed out by Google.

Abolish death penalty, Amnesty International urges Kenya
The United States was the only country in the Americas to carry out executions in 2017. This was the case in three of the four executions in the country a year ago .

The company added that it was working with the research authors to improve detection mechanisms when a device uses an alternate patch as opposed to a Google-endorsed update. These security updates are distinct from Android OS updates, and are listed by "Security patch level" dates, which can generally be found in the "System About phone" dialog in the Settings menu on Android devices.

However, a recent study conducted by Security Research Labs has unearthed a startling fact related to the rollout of security patches.

"We found several vendors that didn't install a single patch but changed the patch date forward by several months", SRL founder Nohl said. Missing multiple patches can cause a series of vulnerabilities in a phone's software.

In the end, the researchers found that vendors like Google, Sony, Samsung and Wiko were missing 0-1 patches on average. Then there are companies like Nokia, OnePlus and Xiaomi which miss between one and three patches, while phones sold by HTC, Huawei, LG and Motorola are missing three to four patches.

While many of these missed security patches may not be inherently risky in isolation, hackers typically chain together multiple security holes to reach their goal, taking over devices and stealing data.

Related news:

Hot News

isis-killer-beheading-video-story-top IDF: Iranian drone we downed was on armed sabotage mission
Apr 15, 2018 - 01:23
Neither Washington nor Moscow want to see an escalation of the overall long-running conflict in Syria, say analysts. Khamenei has harshly responded to the Syrian operation of the West Coalition, APA reports.

isis-killer-beheading-video-story-top Sunny weekend days for Modesto, then more rain
Apr 15, 2018 - 01:18
A few passing clouds Wednesday with a much weaker cold front but temperatures only drop into the upper 60s for late next week. The bulk of the rain will fall during the first half of Saturday with close to an inch possible through Saturday night .

isis-killer-beheading-video-story-top 'Infinity War' presales are outpacing the last seven MCU movies combined
Apr 14, 2018 - 22:21
On a mission to collect all six Infinity Stones , Thanos plans to use the artifacts to inflict his twisted will on reality. We also get some playful ribbing, courtesy of Doctor Strange himself, Benedict Cumberbatch .

isis-killer-beheading-video-story-top Mary Kom wins gold medal in boxing at Commonwealth Games
Apr 14, 2018 - 22:21
India's men's hockey team lost 1-2 to England in the bronze medal playoff at the 21st Commonwealth Games here on Saturday. Meanwhile, another Indian boxer in Amit Panghal has won silver in 46-49 kg category.

isis-killer-beheading-video-story-top USA targets Syrian chemical weapons facilities with strikes
Apr 14, 2018 - 22:19
White House spokesman Raj Shah said Friday afternoon that Trump "is going to hold the Syrian government accountable". The Trump administration did not lay the blame only at the feet of Syria's leader.

isis-killer-beheading-video-story-top Woman who drove SUV with family on-board off a cliff was drunk
Apr 14, 2018 - 22:19
The California Highway Patrol, reached Friday afternoon by The Oregonian/OregonLive, couldn't confirm the Associated Press report. The 31-metre drop killed the women, both 39, and their children Markis Hart , 19; Jeremiah Hart , 14; and Abigail Hart , 14.

isis-killer-beheading-video-story-top Severe weather expected to come through late tonight
Apr 14, 2018 - 22:18
Late Friday night and early Saturday morning , potentially unsafe weather is expected to move into Northeast Mississippi . As of this morning the warm front is struggling to move to the north, keeping much of central Iowa cloudy and cooler.

isis-killer-beheading-video-story-top Forman, Oscar-winning director of 'Cuckoo's Nest' and 'Amadeus', dies at 86
Apr 14, 2018 - 22:15
Married three times, Forman met his third wife Martina - a writer three decades his junior - in Prague in the 1990s. Director of nearly 20 films, his movies earned a total of 33 Academy Award nominations, of which they won 13.

isis-killer-beheading-video-story-top There Might Be A New Self-Destructing Message Feature In The Gmail Revamp
Apr 14, 2018 - 22:14
Users will be able to select a date when the email will expire, after which the receiver will no longer be able to see the email. The message behind the link disappears after some time, but this doesn't mean that the intermediate email also disappears.

isis-killer-beheading-video-story-top Facebook CEO apologizes for 'mistake' of blocking Catholic content
Apr 13, 2018 - 07:30
What you post on the Internet is forever - even for the guy who harbors much of the world's personal information. Investigative reporter Julia Angwin says that Facebook is not the only company that collects data in this way.

isis-killer-beheading-video-story-top Afghanistan: 25 Taliban killed in attack on govt compound
Apr 13, 2018 - 07:29
He said eight Taliban, including a notorious commander, were killed in the overnight raid. The province is reportedly under Taliban control.

isis-killer-beheading-video-story-top Cynthia Nixon blunts John Boehner's curiously sudden support for marijuana reform
Apr 13, 2018 - 07:27
Boehner said in a statement his position "has evolved" from opposing to supporting legalization of marijuana. According to the investment bank, Cowen & Co, the legal industry is expected to reach $75 billion by 2030.

isis-killer-beheading-video-story-top Seahawks postpone workout with Colin Kaepernick
Apr 13, 2018 - 07:26
But, as it stands, the Seahawks still need a backup quarterback, whether it's Kaepernick or someone else. However, the meeting was canceled at the last minute over the constroversial protest .

isis-killer-beheading-video-story-top Moscow calls for meeting with Israeli ambassador after T4 Airbase strike
Apr 13, 2018 - 07:22
Meanwhile, the Syrian opposition blamed the Saturday's suspected chemical attack in the town of Douma on government forces. Lieberman did not confirm Israel carried out Monday's deadly strikes, which Syria and Russian Federation blamed on Israel.

isis-killer-beheading-video-story-top What does the future have in store for Antonio Conte?
Apr 13, 2018 - 07:20
They are 10 points behind fourth-placed Tottenham, and likely to miss out on a Champions League place. The only title we can win is the FA Cup so we go for that.