This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Tech News : Android Fake ID bug exposes smartphones and tablets

Anonymous
Not applicable

on ‎29-07-2014 18:17

on ‎29-07-2014 18:17

Headline : Android Fake ID bug exposes smartphones and tablets.


"An Android flaw has been uncovered that lets malware insert malicious code into other apps, gain access to the user's credit card data and take control of the device's settings.

BlueBox Labs said it was particularly concerning as phone and tablet owners did not need to grant the malware special permissions for it to act."

My thoughts :

Thought I'd add this to the forum as a heads up.

Source : BBC News
Read more here : http://www.bbc.co.uk/news/technology-28544443
Message 1 of 14
2,124 Views
13 REPLIES 13

Anonymous
Not applicable

on ‎29-07-2014 19:43

on ‎29-07-2014 19:43

Have Android devices on O2 recieved a recent update that would patch against this vulnerability?

 

Possibly one for @Toby or @Chris_K ?

Message 2 of 14
1,807 Views

Anonymous
Not applicable

on ‎29-07-2014 19:46

on ‎29-07-2014 19:46

Google have released a patch to close the vulnerability but I understand it is with the manufacturers now to update devices and push it out.

Of course for locked phones that will show things down further.

This is a weak point with Android. At least with Apple they keep control and push updates out to devices bypassing the networks to a degree.
Message 3 of 14
1,803 Views

Anonymous
Not applicable
In response to Anonymous

on ‎29-07-2014 19:52

on ‎29-07-2014 19:52

@Anonymous wrote:
At least with Apple they keep control and push updates out to devices bypassing the networks to a degree.

That is literally the only thing I wish other manufacturers could do that Apple already utilise.

Message 4 of 14
1,799 Views

anticpated
Level 30: Meditator
In response to Anonymous
  • 3426 Posts
  • 168 Topics
  • 53 Solutions
Registered:

on ‎29-07-2014 21:00

on ‎29-07-2014 21:00

The largest issue is that Google will only push relevant security updates to currently popular versions of it's Android OS. And don't forget OEM developers will add their own level security into their custom version, so LG, Samsung and HTC should be patched by now in 4.3 to the current 4.4.4 builds.

 

OEM developers whom have ceased updating firmware on older telephones won't patch it. 

 

Google might in their Nexus range, however there is far less fragmentation in the OS share there anyway. If you don't fully trust an application or have no clue what you're doing, then maybe you shouldn't be using an Android mobile/tablet. 

 

To be fair, people will always use cheap and nasty tricks to exploit people.

 

Indubitably true. Samsung S21 Ultra and Xiaomi 14 Ultra
Message 5 of 14
1,776 Views

Anonymous
Not applicable
In response to anticpated

‎30-07-2014 08:41 - edited ‎30-07-2014 08:42

‎30-07-2014 08:41 - edited ‎30-07-2014 08:42

To counteract the media scare mongering around this, I found this article to be quite good:

 

http://www.androidcentral.com/fake-id-and-android-security-updated

 

Yes the bug is an issue, but Google have known about it since April and have already patched it. The article also points out that the LG G3, HTC One M8 and Samsung Galaxy S5 are already updated with this. Also, Google have updated Google Play and Verify Apps to protect users (which helps with regards to phones no longer being updated, as these are done independently of the OS), and they have found no apps in their store that attempt to use this vulnerability.

 

So, stick to installing apps from Google Play and be aware of what you're installing I guess is the moral of this story.

Message 6 of 14
1,707 Views

Toby
Former Staff
In response to Anonymous
  • 11577 Posts
  • 520 Topics
  • 213 Solutions
Registered:

on ‎30-07-2014 10:09

on ‎30-07-2014 10:09

Hi Papa, I'll see if there is any info on this for you.
Fancy writing a great device review or O2 forum guide? Send me a message!

Get involved:
• New to the community? This is how you get help.
• Want to know who we are? Come and say hi to us.
• Want to have a chat? Drop me a direct message.

Message 7 of 14
1,695 Views

Anonymous
Not applicable
In response to Toby

‎30-07-2014 12:08 - edited ‎30-07-2014 12:08

‎30-07-2014 12:08 - edited ‎30-07-2014 12:08

Have you seen this guy's opinion?

http://www.osnews.com/story/27868/Another_day_another_sensationalist_unfounded_security_story

Message 8 of 14
1,666 Views

Anonymous
Not applicable

on ‎30-07-2014 12:20

on ‎30-07-2014 12:20

Awesome @Anonymous

I have checked my Android device and see that Verify Apps is already running so I feel fairly secure.

Thank you for the updates
Message 9 of 14
1,660 Views

jonsie
Level 94: Supreme
In response to Anonymous
  • 97057 Posts
  • 614 Topics
  • 7205 Solutions
Registered:

on ‎30-07-2014 12:27

on ‎30-07-2014 12:27

Fear, uncertainty and doubt just about sums up the aim of the spreading of these stories and the ultimate end result of selling antivirus apps.

Click Here For Social Media Support Links VirginmediaO2
THIS IS NOT CUSTOMER SERVICE AND WE CANNOT ACCESS ACCOUNTS
2020-Awards-jonsie


Message 10 of 14
1,658 Views
Top