Tuesday, 16 August 2016

On 02:26 by admin   No comments
80 percent of Android Devices are vulnerable because of a transmission control protocol (TCP) specification and its implementation. The vulnerability allows for malicious attackers to intercept unencrypted data, inject files, terminate the network connection, and degrade the privacy of anonymity networks such as Tor. The vulnerability allows for manipulation of emails, documents and other files during transit.
The vulnerability exists because of the TCP protocol in the Linux Kernel 3.6, which is used in all Android devices running KitKat 4.4 or later versions. As of August 1, this was 79.9 percent of all Android users. Exploiting the vulnerability is hard, however. It requires the knowledge of the source and destination IP addresses. There is no need for a man in the middle attack to exploit the vulnerability. There was a patch released to fix the vulnerability on Linux, but Android versions have not yet received a security patch.
One way to stay safe is to ensure all applications, services and web connections are over HTTPS with a transport security layer (TSL). While the attack is technically advanced, casual hacks are an unlikely scenario. However, targeted attacks are a potential security issue. For those managing a number of employee devices, there is a potential for a serious spying problem. Chief Information Security Officers (CISO) will now have to consider how this vulnerability affects their Linux based environments and Linux based server connections to web sites apart from the Android devices themselves.
There are more countermeasures for rooted devices on Lookout Blog. This is the original paper presented at the twenty fifth Usenix security symposium. Recently it was discovered that 900 million Android users were affected by the Quadrooter security bug, however Google played down the threat to end users.


Post a comment