Latest in Gear

Image credit: REUTERS/Dado Ruvic/Illustration

Pre-installed apps on low-end Android phones are full of security holes

More than 146 apps from 29 manufacturers were found to put users at risk.
294 Shares
Share
Tweet
Share
Save

Sponsored Links

REUTERS/Dado Ruvic/Illustration

In what has become an annual reckoning, security research company Kryptowire recently published its 2019 report on the state of manufacturer-installed software and firmware for Android devices and, to no one's surprise, they found more than 140 bugs which could be exploited for malicious purposes.

The DHS-funded report uncovered 146 apps, which come pre-installed on inexpensive Android handsets, would pull shenanigans like eavesdropping through the microphone, unilaterally changing their permissions or surreptitiously transmitting data back to the manufacturer without ever notifying the user.

Kryptowire found these bugs on phones from 29 different manufacturers from relatively unknowns like Cubot and Doogee to marquee companies include Sony. And given that the average Android come with anywhere from 100 to 400 apps pre-installed, often bundled as part of larger app suites, these vulnerabilities pose a growing threat to users.

The problem isn't unsolvable, mind you. "Google can demand more thorough code analysis and vendor responsibility for their software products that enter the Android ecosystems," Kryptowire CEO Angelos Stavrou told CNET. "Legislators and policy makers should demand that companies are accountable for putting the security and personal information of end-users at risk."

The question, though, is whether or not Google and policy makers have the political will to take steps necessary to correct the issue.

Via: CNET
Source: Kryptowire
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
294 Shares
Share
Tweet
Share
Save

Popular on Engadget

Recommended Reading: A year later, the CRISPR babies are still a mystery

Recommended Reading: A year later, the CRISPR babies are still a mystery

View
Hitting the Books: How police tech reinforces America's racial segregation

Hitting the Books: How police tech reinforces America's racial segregation

View
Blackmagic’s ATEM Mini brings broadcast quality to your YouTube and Twitch streams

Blackmagic’s ATEM Mini brings broadcast quality to your YouTube and Twitch streams

View
The Morning After: One last update for Google Glass Explorer Edition

The Morning After: One last update for Google Glass Explorer Edition

View
Noir detective game 'Blacksad' will be out for consoles on December 10th

Noir detective game 'Blacksad' will be out for consoles on December 10th

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr