Take any popular Android phone and get a team of some real hackers to crack the security. What do you think the result would be? Apparently, within a week’s time they will come up with a bucket of major and minor security flaws.
Expert security researchers from Google has just done the same, with the brand new Samsung’s Galaxy S6 Edge. Google’s team – Project Zero devoted just a week to find out a subtotal of 11 high risk security flaws in Samsung Galaxy S6 Edge. What’s most worrying is, out of which one even allow attackers to write a file into your device without asking for your permission.
High device security is the order of the day, you can never comprise on that. Worries like loss of data from your device is nothing in comparison to device security.
Remo Software says, “There are advanced applications to help you out in any adverse situations; loss of photos or other data is not a big deal, when you have access to the right tool. But if the device have any serious security flaw causing theft of data, it’s really hard to compensate.”
— Remo Software (@remosoftware) June 29, 2015
Which I think is so true, as you are totally clueless in case if data theft happens due to any serious security flaw unlike data loss where you have #DataRecovery chances. And it could also get you into big trouble.
Execution plan by Project Zero
In order to find loop holes, team was divided into two; the North American and the European. The focus was on finding out routes to get access to contacts, messages, and photos by installing an app using Google Play which by no way have permissions to do it or through any remote access. And the research was carried out to make unauthorized code to the phone to hijack information even if it was wiped.
The researchers found most of the holes were coming from the device drivers; the researcher Natalie Silvanoich says these were found in less time and she also pointed out some of the issues were so trivial to exploit, making it really dangerous as a malicious hacker could easily exploit these loop holes to abuse a person.
The team submitted their findings to Samsung, where they claim to have already resolved eight out of the 11 reported. The unpatched issues are not that severe and will be fixed within November.
Even if the security holes were fixed by Samsung, the worrying factor is, a dedicated team were able find 11 bugs in such short time. However, Silvanovich praises Samsung for resolving most of the issues so quickly.
The decision of issuing updates to their devices more frequently were taken earlier by Samsung and Google to handle security issues. And Google is pushing updates with its Nexus phones and tablets on weekly basis whereas Samsung is updating its Galaxy series every month.
The news of security flaws in Samsung Galaxy S6 Edge that is being discovered now in Android software is potentially going to affect over a billion Android devices. And boy seriously security flaw is not something which you want to hear from a major brand.
Anything else you want to add to this story? Share it in the comments.