Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Millions of Android phones open to ‘permanent device compromise’ attack
Mac Daily News ^ | March 23, 2016

Posted on 03/23/2016 3:22:34 PM PDT by Swordmaker

“Millions of Android phones, including the entire line of Nexus models, are vulnerable to attacks that can execute malicious code and take control of core functions almost permanently, Google officials have warned,” Dan Goodin reports for Ars Technica.

“The flaw, which allows apps to gain nearly unfettered “root” access that bypasses the entire Android security model, has its origins in an elevation of privileges vulnerability in the Linux kernel. Linux developers fixed it in April 2014 but never identified it as a security threat,” Goodin reports. “For reasons that aren’t clear, Android developers failed to patch it even after the flaw received the vulnerability identifier CVE-2015-1805 in February 2015.”

“Friday’s advisory didn’t identify the app that was exploiting the vulnerability except to say it was publicly available, both within and outside of Play, and worked on Nexus 5 and Nexus 6 phones,” Goodin reports. “The vulnerability is present in all Android releases that use Linux kernel versions 3.4, 3.10, and 3.14. That includes all Nexus phones, as well as a large number of handsets marketed under major manufacturer brands.”

Read more in the full article here.


TOPICS: Business/Economy; Computers/Internet
KEYWORDS: applepinglist

1 posted on 03/23/2016 3:22:34 PM PDT by Swordmaker
[ Post Reply | Private Reply | View Replies]

To: ThunderSleeps; ShadowAce; dayglored; ~Kim4VRWC's~; 1234; Abundy; Action-America; acoulterfan; ...
Millions of Android phones open to ‘permanent device compromise’ attack. . . The flaw, which allows apps to gain nearly unfettered "root" access that bypasses the entire Android security model, has its origins in an elevation of privileges vulnerability in the Linux kernel. Linux developers fixed it in April 2014 but never identified it as a security threat. — PING!

Pinging ThunderSleeps, Shadow Ace, and dayglored for their ping lists.


Android Security Ping!
Ping!

The latest Apple/Mac/iOS Pings can be found by searching Keyword "ApplePingList" on FreeRepublic's Search.

If you want on or off the Mac Ping List, Freepmail me

2 posted on 03/23/2016 3:27:07 PM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue..)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

Thanks.


3 posted on 03/23/2016 3:34:35 PM PDT by dhs12345
[ Post Reply | Private Reply | To 2 | View Replies]

To: Swordmaker

We the people that write kernel and OS layer code for devices could have told you this except for our non-disclose agreements.

Keep a compiler handy and the source code closer.


4 posted on 03/23/2016 3:44:40 PM PDT by soycd
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

Not to worry (yet), I have Android version 4.4.2


5 posted on 03/23/2016 3:59:48 PM PDT by BuffaloJack (Slavery will continue to exist and thrive as long a Islam continues to exist.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: BuffaloJack

..Not to worry (yet), I have Android version 4.4.2...

I have Android version 6.0 and don’t trust it as far as I can throw the phone.


6 posted on 03/23/2016 4:08:06 PM PDT by Sasparilla (Hillary for Prosecution 2016)
[ Post Reply | Private Reply | To 5 | View Replies]

To: BuffaloJack
As happens to me more and more commonly; my android version is 4.1.2 and the kernal 3.0.whatever

In other words... I'm hopelessly out of date. So far behind the times that nobody had invented bugs until after I got this phone.

It's okay, we all know old is the new sexy.

7 posted on 03/23/2016 4:24:56 PM PDT by WhoisAlanGreenspan?
[ Post Reply | Private Reply | To 5 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson