November 18, 2019 – When you buy an Android smartphone, hardly anyone installed a clean version of Google's operating system. Unless you buy a Pixel or Android One device, you will have to deal with mobile phones full of software and applications developed by third-party developers that may, on several occasions, be full of vulnerabilities.
In cases like these, all security precautions you can take all the tools present within the operating system have no value. Hackers will have an easy time taking advantage of one of these vulnerabilities, even before buying a smartphone. Thus, from the first start-up, the attacker could exploit these vulnerabilities and access information to the device memory.
Frequent scenario than you can imagine. Kryptowire, a company active in information security, has just released a report on vulnerabilities inherent in the Android firmware, funded by the US Department of Homeland Security. From this report it follows that devices of as many as 29 manufacturers – most Chinese, but also some big names – are affected by 150 vulnerabilities, some of which are quite dangerous.
Android vulnerabilities more dangerous than infected apps: what's happening
As highlighted in the Cryptovare report, vulnerabilities discovered in apps pre-installed on smartphones are far more dangerous than infected apps in the Play Store. The reason is easy to say: these latest applications, in the vast majority of cases, can be removed and, with them, also the vulnerability or malware they carry with them. The so-called blatware, on the other hand, is installed at the operating system level and can be difficult to wipe out the user. Even if you did reset them to factory settings, the system application vulnerability will still be reinstalled on the device. In short, a problem apparently without a solution.
Which smartphones are in danger
According to a Kryptowire report, there are 29 manufacturers of smartphones delivering vulnerable devices of all kinds to their customers. Most devices made and sold by these manufacturers contain these errors and, as seen above, there is very little that users can do themselves.
In the list we find little-known manufacturers like Adwan, Aleviv, Evercros, Liquid and Walton, but also brands at the level of Xiaomi, Asus, Samsung and Sony. The addition of devices sold throughout the year by only these four manufacturers is easily surpassed 130 million devices in 2019 alone. potentially, there are hundreds of millions, if not billions, of smartphones at risk. The danger is far greater than the potential potential availability of any infected app in the Play Store.