Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsAndroidSecurity hole in Android puts 1 billion people at risk
jarledb

Webhead
3253 posts

Uber Geek

Moderator
ID Verified
Trusted
Lifetime subscriber

#161699 16-Jan-2015 14:40
Send private message

This is scary. http://www.engadget.com/2015/01/14/google-security-bug-billion-android-phones/

Apparently its a problem for all versions of Android 4.3 and lower. Which would include Samsung Galaxy S3.

Seems like the problem of fragmentation has really come back to bite Android in the behind?




Jarle Dahl Bergersen | Referral Links: Want $50 off when you join Octopus Energy? Use this referral code
Are you happy with what you get from Geekzone? Please consider supporting us by making a donation or subscribing.

View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
kiwitrc
4123 posts

Uber Geek
Inactive user


  #1216151 16-Jan-2015 14:54
Send private message

Wow didnt realise that Android is up to around 1.6 Billion users.



Lias
5589 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #1216152 16-Jan-2015 15:03
Send private message

Nice to know Microsoft isn't the only company who shafts its phone OS users :-)

Hrrmm I wonder if you could lodge a CGA complaint and get your phones replaced now that the device is no longer fit for purpose. If a car manufacturer found a defect in a billion cars and was all "Nah mate, not fixing it, just buy a new one" they would be crucified by the government.




I'm a geek, a gamer, a dad, a Quic user, and an IT Professional. I have a full rack home lab, size 15 feet, an epic beard and Asperger's. I'm a bit of a Cypherpunk, who believes information wants to be free and the Net interprets censorship as damage and routes around it. If you use my Quic signup you can also use the code R570394EKGIZ8 for free setup.

wasabi2k
2096 posts

Uber Geek


  #1216157 16-Jan-2015 15:17
Send private message

Lias: Nice to know Microsoft isn't the only company who shafts its phone OS users :-)

Hrrmm I wonder if you could lodge a CGA complaint and get your phones replaced now that the device is no longer fit for purpose. If a car manufacturer found a defect in a billion cars and was all "Nah mate, not fixing it, just buy a new one" they would be crucified by the government.


Good luck with that - the bug doesn't prevent it from being able to call/text and use apps/data.

Would be more like your car's door lock has an identified fault that makes it easy to open without the key.



kiwitrc
4123 posts

Uber Geek
Inactive user


  #1216168 16-Jan-2015 15:30
Send private message

Lias: Nice to know Microsoft isn't the only company who shafts its phone OS users :-)

Hrrmm I wonder if you could lodge a CGA complaint and get your phones replaced now that the device is no longer fit for purpose. If a car manufacturer found a defect in a billion cars and was all "Nah mate, not fixing it, just buy a new one" they would be crucified by the government.


Or a crim breaking in by exploiting the window vulnerability :)

timmmay
20574 posts

Uber Geek

Trusted
Lifetime subscriber

  #1216180 16-Jan-2015 16:06
Send private message

Vendors are often the problem - Google can update the OS but customisation can limit who gets what. My S4 isn't that old and still doesn't have Android 5.

MikeB4
18435 posts

Uber Geek

ID Verified
Trusted

  #1216185 16-Jan-2015 16:16
Send private message

timmmay: Vendors are often the problem - Google can update the OS but customisation can limit who gets what. My S4 isn't that old and still doesn't have Android 5.


only about 1% of devices have Android 5 so far. 

charsleysa
597 posts

Ultimate Geek


  #1216188 16-Jan-2015 16:27
Send private message

Google said it is up to the manufacturers to release a patch for their devices since they no longer do updates for 4.3 and lower.

As for the OP, a simple solution is to root the phone and use a community released update. I've been doing that for the old S3 that I gave to my mum. Currently runs Android 4.4 Samsung firmware backported to the S3.




Regards
Stefan Andres Charsley

 
 
 
 

Cloud spending continues to surge globally, but most organisations haven’t made the changes necessary to maximise the value and cost-efficiency benefits of their cloud investments. Download the whitepaper From Overspend to Advantage now.
Behodar
10501 posts

Uber Geek

Trusted
Lifetime subscriber

  #1216190 16-Jan-2015 16:30
Send private message

charsleysa: Google said it is up to the manufacturers to release a patch for their devices since they no longer do updates for 4.3 and lower.

What about when Google is the manufacturer (Nexus)? My mum's Nexus is still on 2.3, which is presumably affected since it's below 4.4.

jarledb

Webhead
3253 posts

Uber Geek

Moderator
ID Verified
Trusted
Lifetime subscriber

  #1216191 16-Jan-2015 16:32
Send private message

charsleysa: Google said it is up to the manufacturers to release a patch for their devices since they no longer do updates for 4.3 and lower.

As for the OP, a simple solution is to root the phone and use a community released update. I've been doing that for the old S3 that I gave to my mum. Currently runs Android 4.4 Samsung firmware backported to the S3.


My problem is that the Samsung S3 is with my very non-tech-savy dad in Norway, while I am here in NZ. So getting it rooted won't be happening until I am back visiting next (norwegian) summer.

Maybe Samsung has fixed it by june, but it wouldn't surprise me much if they didn't.




Jarle Dahl Bergersen | Referral Links: Want $50 off when you join Octopus Energy? Use this referral code
Are you happy with what you get from Geekzone? Please consider supporting us by making a donation or subscribing.

charsleysa
597 posts

Ultimate Geek


  #1216195 16-Jan-2015 16:38
Send private message

Behodar:
charsleysa: Google said it is up to the manufacturers to release a patch for their devices since they no longer do updates for 4.3 and lower.

What about when Google is the manufacturer (Nexus)? My mum's Nexus is still on 2.3, which is presumably affected since it's below 4.4.


Google doesn't manufacture any of their devices.




Regards
Stefan Andres Charsley

charsleysa
597 posts

Ultimate Geek


  #1216197 16-Jan-2015 16:43
Send private message

jarledb:
charsleysa: Google said it is up to the manufacturers to release a patch for their devices since they no longer do updates for 4.3 and lower.

As for the OP, a simple solution is to root the phone and use a community released update. I've been doing that for the old S3 that I gave to my mum. Currently runs Android 4.4 Samsung firmware backported to the S3.


My problem is that the Samsung S3 is with my very non-tech-savy dad in Norway, while I am here in NZ. So getting it rooted won't be happening until I am back visiting next (norwegian) summer.

Maybe Samsung has fixed it by june, but it wouldn't surprise me much if they didn't.


That's true, I guess until you manage to get your hands on the device you can advise him on what apps to use and what apps to stay away from.

The vulnerability is limited to WebView controls used in apps.

Also rooting the a Galaxy S3 is quite simple now and it is actually possible to guide him through the process by Skype or phone.




Regards
Stefan Andres Charsley

MikeB4
18435 posts

Uber Geek

ID Verified
Trusted

  #1216202 16-Jan-2015 17:00
Send private message

Its this sort of thing that makes me come and go from Android. 

jeffnz
2870 posts

Uber Geek

Trusted
Lifetime subscriber

  #1216242 16-Jan-2015 17:46
Send private message

Security bugs are always around for all OS's so its nothing new. So what is the extent of the damage done thus far or is it just that it "can" be exploited.

Seems to be conflicting information as to what versions are affected as well

"The flaws in this case affect Android 4.1 to 4.3, aka Jelly Bean, which began shipping in mid-2012 and was the primary version of Android through late 2013, or roughly 14 months ago. Up until quite recently, Google has aggressively patched problems in Android’s WebView rendering engine. Before KitKat (Android 4.4), all versions of Android used the version of WebView found within the Android Browser for rendering HTML webpages. With KitKat and Lollipop, Google updated the operating system to use a WebView plugin derived from its Chromium project."

Source


always love the scaremongering that goes on when this happens wink




Galaxy S10

 

Garmin  Fenix 5

nathan
5695 posts

Uber Geek
Inactive user


  #1216340 16-Jan-2015 21:23
Send private message

kiwitrc: Wow didnt realise that Android is up to around 1.6 Billion users.


1.15 billion Android devices shipped in 2014 alone.

nathan
5695 posts

Uber Geek
Inactive user


  #1216341 16-Jan-2015 21:24
Send private message

Lias: Nice to know Microsoft isn't the only company who shafts its phone OS users :-)

Hrrmm I wonder if you could lodge a CGA complaint and get your phones replaced now that the device is no longer fit for purpose. If a car manufacturer found a defect in a billion cars and was all "Nah mate, not fixing it, just buy a new one" they would be crucified by the government.


Microsoft or carriers shafting?

 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00

eero Pro 7 Review
Posted 23-Jul-2025 12:07

BeeStation Plus Review
Posted 21-Jul-2025 14:21

eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01

WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32

RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26

Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24

Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05

Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01

Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01

Epson Launches New AM-C550Z WorkForce Enterprise printer
Posted 9-Jul-2025 18:22

Samsung Releases Smart Monitor M9
Posted 9-Jul-2025 17:46

Nearly Half of Older Kiwis Still Write their Passwords on Paper
Posted 9-Jul-2025 08:42

D-Link 4G+ Cat6 Wi-Fi 6 DWR-933M Mobile Hotspot Review
Posted 1-Jul-2025 11:34

Oppo A5 Series Launches With New Levels of Durability
Posted 30-Jun-2025 10:15








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.







RSS feeds
Main feed
Forums feed
Copyright
©2002-2025 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Affiliate links
Samsung
AliExpress
Wise
Sharesies
GoodSync
Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright