A brief description of the most significant “holes” in the operating system from Google, affecting it since last summer.
- TowelRoot Futex Linux
  - First public mention: June 2014. Hazard level: 2/5. Affected versions: most phones based on Android before 4.4. Relevance: devices that received updates after June 2014 are out of danger.
- Android FakeID
  - First public mention: July 2014. Danger level: 2/5. Affected versions: before Android 4.3. Relevance: devices with OS version 4.4+.
- Hacking the Android installer
  - First public mention: March 2015. Hazard level: 1/5. Affected devices: using third-party applications, version prior to 4.3. Relevance: devices with Android version 4.3 are out of danger.
- Stagefright, MMS vulnerability
  - First public mention: July 2015. Danger level: 5/5. Affected devices: everything up to OS 5.1. Relevance: the vulnerability has not been fixed. Some cellular networks have been able to deactivate automatic reading of MMS after receiving the corresponding patch from Google.
- 'Certifi-gate'
  - First public mention: August 2015. Severity: 3/5. Affected devices: everything up to OS 5.1. Relevance: not fixed, manufacturers will have to release plugin updates.
TowelRoot Futex Linux
First public mention: June 2014.
Hazard level: 2/5.
Affected versions: most phones based on Android before 4.4
Relevance: Devices that received updates after June 2014 are out of danger.
An unusual kernel-level vulnerability affecting the futex subsystem was originally discovered and made public by a 'white hacker' known as Pinkie Pie. Shortly thereafter, however, the vulnerability was included in TowelRoot, an application from the well-known hacker George Hotz for gaining root access to Android 4.4 devices, in which the dangerous potential of the discovered vulnerability was directed towards a more peaceful channel.
Android FakeID
First public mention: July 2014
Danger level: 2/5
Affected versions: before Android 4.3
Relevance: devices with OS version 4.4+
A vulnerability discovered by a small company, Bluebox Security, allows a malicious application to assume the trusted status of a genuine application by cracking its electronic certificate, thereby bypassing any quarantine on the device. This alarmingly simple bug affected all devices with versions 2.1-4.3.
Hacking the Android installer
First public mention: March 2015
Hazard level: 1/5
Affected devices: using third-party applications, version prior to 4.3
Relevance: devices with Android version 4.3 are out of danger
The vulnerability allows a hacker to replace an installer (or .apk file) with another one via third-party application directories, so that the application being installed is replaced with malware without the user's knowledge. The vulnerability was 'discovered' by Palo Alto Networks, and at the time of discovery more than half of Android smartphones could have been compromised in this way.
Stagefright, MMS vulnerability
First public mention: July 2015
Danger level: 5/5
Affected Devices: Everything up to OS 5.1
Relevance: the vulnerability has not been fixed. Some cellular networks have been able to deactivate automatic reading of MMS after receiving the corresponding patch from Google.
Quite worthy of the title of the most serious vulnerability in the history of Android, Stagefright affects a seemingly harmless component responsible for playing media files. The vulnerability, discovered by a researcher at Zimperium, allows hackers to send an infected video that is played automatically on virtually any Android device. Incredibly, no user interaction is required, and the whole message can become invisible by deleting itself.
Stagefright affects up to 95% of devices, with the exception of the Blackphone and more recently the Nexus series. It is believed that the vulnerability is not dangerous for devices with CyanogenMod, which use the TextSecure protocol.
'Certifi-gate'
First public mention: August 2015
Severity: 3/5
Affected Devices: Everything up to OS 5.1
Relevance: not fixed, manufacturers will have to release plugin updates.
A vulnerability discovered by Check Point affects remote support plug-ins popular among many vendors and allows an attacker to install malware that provides complete freedom of action on the device: the device is then controlled by the hacker. Products such as RSupport, CommuniTake and TeamViewer are affected.
Although this exploit is more difficult to use than Stagefright, there is a certain possibility of installing malware via Google Play. An additional difficulty is that the vulnerability cannot be closed by the user, because the component involved is included in the smartphone by a telecom operator, not even Google. A 'cure' requires a joint effort between the operator and Google, which could delay the process.
Original article by John E Dunn
Elir: the security situation of modern operating systems is not calm, and this also applies to iOS. However, there is no reason to panic and immediately buy 'dumb' phones: on the users' side are Google, device makers and 'white-hat hackers'. Of course, it is not always possible to close a vulnerability the first time, as evidenced by the recent update of some devices. It is in our power to protect devices from hacking. The methods are simple and, I hope, everyone knows. Healthy gadgets to all.