Published On: Thu, Feb 16th, 2017

“Stagefright Had No Confirmed Cases of Infection,” Google Says Android Security Scares Are Mere Hype

Stagefright confidence flaw, that stirred Google to change a approach it used to respond to confidence threats by pulling out monthly confidence updates, substantially hasn’t putrescent a singular device, Adrian Ludwig, a Lead Engineer for Android Security during Google, said. Ludwig was vocalization during this week’s RSA Security conference.

Despite all a warnings that are put out opposite Android security, claiming that over 90 or 95% of all Android inclination are exposed to these attacks, Ludwig says in reality, there are unequivocally few reliable cases of these flaws being exploited.

The Register reported that Ludwig also cited the MasterKey vulnerability that was speckled in 2013 and FakeID smirch reported in 2014. 99% of Android inclination were exposed to MasterKey, however, “exploits abusing a confidence fumble appearance during reduction than 8 infections per million users.” He combined that there were no exploits for a disadvantage before a sum were done public.

82% of inclination were exposed to FakeID vulnerability. But, “exploits appearance during one infection per million users after a sum were released” and not a singular occurrence before that.

Previously, Samsung had also called these threats “theoretical.” While Ludwig might play down a astringency of Android security, as Google has a reason to do so, it is true that not all the exposed inclination are, in fact, pounded given many of these flaws still rest on amicable engineering techniques, such as phishing. Another indicate to cruise is that Ludwig’s sum are entrance from Google Play services.

Ludwig pronounced he was certain of his figures, due to malware-detection routines, dubbed Verify Apps, in Google Play services, that is commissioned on some-more than 1.4 billion Android handhelds. Verify Apps reports behind to Google when a program nasty is speckled on a device, permitting a web hulk to kid adult infection tallies.

This means that other Android stores – aka a barbarous Unknown Sources – sojourn unaccounted for. Considering a perfect series of users in China who have to rest on these third-party app stores, a sum series of putrescent inclination could be unequivocally high than Google’s central estimates.

“Most of a abuse we get isn’t engaging from a confidence perspective,” Ludwig pronounced of Android confidence threats being easier in nature. “We see spamming ads for feign antivirus things though it’s unequivocally simple amicable engineering. Even if malware is commissioned it occasionally concerned payoff escalation, it essentially only downloads other apps.”

While Ludwig claims that no one has been influenced by Stagefright, a disadvantage is a reason because we get those monthly confidence updates from Google. It’s also a reason Google started pulling the OEMs to send unchanging confidence and underline upgrades to their Android devices.

About the Author

Leave a comment

XHTML: You can use these html tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>