Latest in Gear

Image credit: REUTERS/Dado Ruvic/Illustration

Pre-installed apps on low-end Android phones are full of security holes

More than 146 apps from 29 manufacturers were found to put users at risk.
296 Shares
Share
Tweet
Share

Sponsored Links

REUTERS/Dado Ruvic/Illustration

In what has become an annual reckoning, security research company Kryptowire recently published its 2019 report on the state of manufacturer-installed software and firmware for Android devices and, to no one's surprise, they found more than 140 bugs which could be exploited for malicious purposes.

The DHS-funded report uncovered 146 apps, which come pre-installed on inexpensive Android handsets, would pull shenanigans like eavesdropping through the microphone, unilaterally changing their permissions or surreptitiously transmitting data back to the manufacturer without ever notifying the user.

Kryptowire found these bugs on phones from 29 different manufacturers from relatively unknowns like Cubot and Doogee to marquee companies include Sony. And given that the average Android come with anywhere from 100 to 400 apps pre-installed, often bundled as part of larger app suites, these vulnerabilities pose a growing threat to users.

The problem isn't unsolvable, mind you. "Google can demand more thorough code analysis and vendor responsibility for their software products that enter the Android ecosystems," Kryptowire CEO Angelos Stavrou told CNET. "Legislators and policy makers should demand that companies are accountable for putting the security and personal information of end-users at risk."

The question, though, is whether or not Google and policy makers have the political will to take steps necessary to correct the issue.

Via: CNET
Source: Kryptowire
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
296 Shares
Share
Tweet
Share

Popular on Engadget

'PUBG' cross party play capability for PS4 and Xbox One has arrived

'PUBG' cross party play capability for PS4 and Xbox One has arrived

View
Facebook will pay for user recordings to improve speech recognition

Facebook will pay for user recordings to improve speech recognition

View
Windows 10 icons are getting an overdue redesign

Windows 10 icons are getting an overdue redesign

View
Hasbro's flurry of 'The Mandalorian' toys includes an animatronic Baby Yoda

Hasbro's flurry of 'The Mandalorian' toys includes an animatronic Baby Yoda

View
'Westworld' season 3 trailer sets the stage for an AI battle

'Westworld' season 3 trailer sets the stage for an AI battle

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr