Devices with Potential for Vices

• Content
• Smart Buildings & Technology
• Devices with Potential for Vices

22 October 2015 | Updated 01 January 1970

A study partly funded by Google and conducted by University of Cambridge researchers has found that 87% percent of Android devices are vulnerable to known flaws. 

One of the authors, Alastair R. Beresford, one of the team members blames many manufacturers that do not issue security patches regularly, leaving their devices exposed to malware.

While admitting that some manufacturers were ‘much better’ than others the study showed that devices built by LG and Motorola as well as those shipped under the Google Nexus brand are much better than most.

The authors used data collected by their Device Analyzer app which is available from the Google Play Store. The app collects data from volunteers around the globe and the authors have used data from over 20,000 devices in the study but were still keen to recruit more contributors.

“We combined Device Analyzer data with information we collected on critical vulnerabilities affecting Android,” said Beresford. “We used this to develop the FUM score which can be used to compare the security provided by different manufacturers. Each manufacturer is given a score out of 10 based on: f, the proportion of devices free from known critical vulnerabilities; u, the proportion of devices updated to the most recent version; and m, the mean number of vulnerabilities the manufacturer has not fixed on any device.”

The problem with the lack of updates to Android devices was, said Beresford, well known and recently Google and Samsung have committed to shipping security updates every month. “Our hope is that by quantifying the problem we can help people when choosing a device and that this in turn will provide an incentive for other manufacturers and operators to deliver updates,” stated Beresford.

Beresford went on to urge users to recognise that Google “has done a good job at mitigating many of the risks and we recommend users only install apps from Google’s Play Store since it performs additional safety checks on apps. Unfortunately Google can only do so much, and recent Android security problems have shown that this is not enough to protect users. Devices require updates from manufacturers, and the majority of devices aren’t getting them.”

Picture: A joint study by Google and a team from the University of Cambridge has found serious weaknesses in many Android devices

Article written by Robin Snow | Published 22 October 2015

Share

Related Articles