Skip to content
  • Beware this big iOS flaw– and it’s not alone

    CNET News - 03/17/2014

    An Android presentation just after Mandt’s asserted that the one-two punch of Android fragmentation has placed Android users at risk of missing out on important security updates. That’s not going to be fixed anytime soon, they said.

    The issue, argued Jon Oberheide of Duo Security and Northeastern University security researcher Collin Mulliner, lies in how Android devices receive — or more precisely, don’t receive — their updates.

    “The Chrome guys will deliver an update within 24 hours. On Android, it can take months and years,” said Oberheide. “Your carrier doesn’t have a lot of incentive to fix your ancient HTC Evo. They want you to buy the latest and greatest device.”

    So, the pair said, even when Google patches Android security flaws, the handset manufacturer and the carrier effectively stop patches from reaching the people who need them.

    Android security apps can’t be relied on, Mulliner said, because they’re fighting Android malware — something that he said just isn’t a big problem in most regions.

    “None of the big antivirus or security companies are doing a really good job because they’re all concerned with stopping malware,” he said.

  • Cookies on Northeastern sites

    This website uses cookies and similar technologies to understand your use of our website and give you a better experience. By continuing to use the site or closing this banner without changing your cookie settings, you agree to our use of cookies and other technologies. To find out more about our use of cookies and how to change your settings, please go to our Privacy Statement.