Major Flaw In Android Phones Would Let Hackers In

via npr: Major Flaw In Android Phones Would Let Hackers In With Just A Text http://n.pr/1esu2Yh

"Android is the most popular mobile operating system on earth. About 80 percent of smartphones run on Android. And it turns out, there's a gaping hole in the software: a hole that would let hackers break into someone's phone and take over, just by knowing the phone's number. That's according to mobile security experts at the firm Zimperium.

Just A Text

In this attack, the target would not need to goof up — open an attachment or download a file that's corrupt. The malicious code would take over instantly, the moment you receive a text message."

Sent from my iPhone using Tapatalk

 

Looks like next week for you! Although the flaw was discovered since April. And has been there forever.

http://www.androidpolice.com/2015/0...-update-for-nexus-devices-starting-next-week/

I googled the answer!


Sent from my iPad using Tapatalk

 

I assume this affects Android tablets too? Does android have a shared text app with Android phones?


Sent from my iPad using Tapatalk

 

This is a huge tech flaw and business model flaw ( re JFB MIT article).

Wonder how government will/have use or abuse this.
Or will inspire China to develop their own os

Has Microsoft or Apple stock jumped recently?


Sent from my iPhone using Tapatalk

 

And consumers and WA Android members? How seriously are they taking it?

Or are they assuming 'the' update will come to them without question?


Sent from my iPhone using Tapatalk

 

Yes, that would be interesting, certainly. Please do, with any phrasing you deem best. VF


Sent from my iPad using Tapatalk

 

So perhaps I misunderstood. My original post stated clearly, that NOT downloading the MMS does NOT protect you.

Just getting the text was all that was needed. From the OP linked article.

In this attack, the target would not need to goof up — open an attachment or download a file that's corrupt. The malicious code would take over instantly, the moment you receive a text message.

"This happens even before the sound that you've received a message has even occurred," says Joshua Drake, security researcher with Zimperium and co-author of Android Hacker's Handbook. "That's what makes it so dangerous. [It] could be absolutely silent. You may not even see anything."

 

I'm not so sure. Disabling auto fetch may add some layer of protection according to some, but additionally other researchers are finding that a video inside a web page may download the malicious code as well.

There are too many 'may' or ' could' out there. These guys need to be more clear. Or are just trying to sell something?

Anyhow, good post @dmapr. I'll sent you a link video link to download.


Sent from my iPad using Tapatalk

 

@KevinJames my point of view is 1) I'd turn off auto download of MMS, 2) I'd still investigate if doing that completely resolved the situation and absolves me of all worry, and 3) be annoyed if my phone doesn't get an Android patch right away.


Sent from my iPhone using Tapatalk

 

@KevinJames. Down the rabbits hole of iOS vs Android again? Please, no!

Writers in this episode are commenting on the flawed patch or update model that exists with Google's model: carriers or phone makers like Samsung control updates and also modify stock Android. So patches are slow to arrive, sometimes non existent or never adopted. (Unless you have a Nexus). That's a common complaint even sans malware concerns

Overbearing Apple has a direct connection to its user base. Patches can be pushed directly and new iOS have quick and high adoption rates.

From what I read, Microsoft is in a similar league.

Reread the OP linked news article. The above was really the main concern.

PS: that 2013 'major iOS hack' required the attachment of a tampered charger cube that had a hidden microcomputer inside it to ones phone. Seriously?


Sent from my iPhone using Tapatalk

 

The best password is always 'secret'.


Sent from my iPad using Tapatalk