DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
DarkVision Hardware - Daily tech news
May 26, 2019 
Main Menu
News archives

Who's Online
There are currently 168 people online.


Latest Reviews
Ewin Racing Flash gaming chair
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset

Follow us

Google leaves close to 1 billion Android devices vulnerable to attack

Posted on Tuesday, January 13 2015 @ 12:41:49 CET by

Google logo
Google has put a lot of effort into boosting cyber security but when it comes to its own software it seems the search giant has a lot more relaxed attitude than when it concerns someone else's software. Security firm Rapid7 recently discovered a security flaw in the WebView engine of Android 4.3 and below, the response the security researcher received from Google is quite stunning:
If the affected version [of WebView] is before 4.4, we generally do not develop the patches ourselves, but welcome patches with the report for consideration. Other than notifying OEMs, we will not be able to take action on any report that is affecting versions before 4.4 that are not accompanied with a patch.
In other words, Google is saying that it doesn't care about security holes in what was the primary version of Android through late 2013. Google says it welcomes patches for consideration and recommends users to take it up with the OEMs if they want a patch, but flatly refuses to maintain security updates for older versions of its software, which admittedly is no easy feat given the fragmented nature of the Android ecosystem.

As ExtremeTech points out, this leaves nearly 1 billion Android devices vulnerable to attack as only 39.1 percent of the userbase runs Android 4.4 "KitKat". Users of most older Android devices, which you can still buy in stores today, have no outlook for a fix other than buying a new phone as most OEMs barely provide support for non-flagship models or devices that have lost their novelty.
What Google is doing, in essence, is telling its user community “Sorry, you have to tell Samsung, LG, and Motorola to provide you with an updated version of our operating system.” This is hilariously impossible. It would never fly in the PC world — imagine Microsoft telling customers “Sorry, you have to make HP, Dell, and Lenovo provide you with a free update for our operating system.” The disparity is even larger if you consider that, in most cases, a computer running a previous version of Windows can be upgraded by the end user to run the next version. That upgrade may be a headache, but system requirements on Windows haven’t budged in nine years.



DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2019 DM Media Group bvba