The first reports about the QuadRooter vulnerabilities appeared on technology websites on Monday morning, following yesterday's Check Point blog entry and the presentation of their use at DefCon, the Las Vegas conference dedicated to security issues. According to Check Point's estimates, the problem may affect up to 900 million Android devices based on Qualcomm chipsets. It is this gigantic number that set the internet ablaze.
What harm could happen and how to avoid it?
The Check Point report describes four vulnerabilities, and updates for three of them have already been sent out. The last one will only be patched in Google's next monthly update cycle. What is the worst-case scenario for its exploitation?
You may be persuaded to install an application delivered as an APK file that does not require any additional permissions (and so raises no suspicion). Once the file is installed, a cybercriminal can gain remote control of the smartphone.
It is worth recalling that by default Android blocks the installation of apps from unknown sources (i.e., from outside the Google Play store). If we do not change this setting, we are further away from danger. The next step, of course, is the principle of trust familiar from the world of motoring: we do not agree to install any software from an unknown source.
Who is to blame?
This time it is Qualcomm, and not Google as one might at first think, that is the cause of the whole problem. Additional drivers are installed in the process of manufacturing the chipset, and it is in their code that the experts from Check Point were able to detect the threat. This means that Google was not able to provide fixes to the Android code on its own, because the flaws relate to the hardware layer supplied by an external manufacturer. The fixes must therefore come directly from Qualcomm.
Qualcomm's representatives were informed about everything back in April and classified the risk as high. Under the security policy, they have 90 days in such a case to release the relevant fixes before information about the detected threat can be made public. And it should be noted that the procedure for distributing such a fix is not simple.
Just look at the following graphic from the Check Point report, which shows the complex path of procedures and verifications that every fix has to go through.
source: Check Point
At each stage (component suppliers, smartphone manufacturers, distributors and mobile operators) a unique version of Android is created, supplemented with additional software. This significantly complicates the process of verifying patches and distributing them to the end user. The problem is best known to owners of smartphones sold by mobile operators. Android updates usually reach them at the very end, even a few months later.
Are we in danger?
There is no reason for undue panic, provided that we observe the basic principles of safety: we always have the most current Android version with all fixes, we do not install any applications of unknown origin, and we do not respond to attempts to provoke us into doing so. Check Point provides a free tool that diagnoses whether our smartphone is vulnerable to exploitation of the QuadRooter vulnerabilities, but beyond notifying us of this fact, it is not able to do anything about it. Fortunately, Google's fix is on the way.