Click to Skip Ad
Closing in...
  1. Galaxy Star Projector Amazon
    09:43 Deals

    This awesome $32 gadget went viral on TikTok and now Amazon shoppers are obsessed

  2. How To Save Money On Your Cable Bill
    15:37 Deals

    Your cable company is furious that we’re telling you about this $59 box on Amazon

  3. Best Kitchen Gadgets
    08:33 Deals

    Amazon shoppers are obsessed with this $23 gadget that should be in every kitchen

  4. Amazon Gift Card
    07:58 Deals

    $25 in free Amazon credit beats any Prime Day deal – here’s how to get it

  5. Prime Day Deals
    07:58 Deals

    Amazon has 10 new early Prime Day deals you need to see to believe

Wireless carriers are making your Android smartphone vulnerable to hackers

Dan Graziano
February 6th, 2013 at 1:50 PM
Android Fragmentation Carriers Manufacturers

When Google (GOOG) discovers a vulnerability in the Android operating system it issues a fix in a small update or in a future software version. Millions of Android users will never see an update, however, and will be left vulnerable to hackers. Unlike the iPhone, which Apple (AAPL) controls and can freely distribute software updates to, Android users are left at the mercy of their manufacturers and wireless carriers.

“When Apple decides that it’s going to give a security update to consumers or a feature update, every consumer who plugs their phone into their computer gets the update whether or not their respective regional carrier likes it,” said Chris Soghoian, principal technologist and senior policy analyst with the American Civil Liberties Union, at the Kaspersky Security Analyst Summit, according to Wired.

The analyst explained that with Android, “you get updates when the carrier wants it and when the hardware manufacturer wants it, and usually that’s not very often.”

More often than not, Android handsets are left forgotten and unprotected despite the fact that a customer is still on a two-year contract. It can take over a year for carriers and hardware vendors to distribute new firmware updates, even for the most popular Android smartphones.

“This is not an instance where I’m criticizing Google for not fixing the bugs,” Soghoian said. “Google’s team will usually fix it very promptly and make it available to all of their hardware partners. The problem here is that fixes for critical security vulnerabilities are simply not getting downstream and reaching consumers.”

Kim Zetter of Wired noted that a September 2012 study from DuoSecurity found that a majority of Android devices sampled in the study had unfixed vulnerabilities, despite the fact that Google had issued patches for the problems.

The truth of the matter is that manufacturers and wireless carriers are more interested in releasing new devices than fixing older ones. Sogohian pointed out that carriers and hardware makers blame each other for the delays and in the end consumers are left with an outdated and vulnerable device.

“You don’t need [a zero-day exploit] to attack most Android devices if consumers are running 13-month old software,” he said, adding that it is time for carriers to either accept responsibility for the devices they sell or grant Google the same control as Apple.

The analyst concluded by explaining that a solution will likely never be found unless the government steps in.

Popular News