Reference Library – Mobile Phones – Sony
Recently uncovered security flaws could mean trouble for owners of devices that run the Android operating system. Researchers at security firm Check Point recently discovered the vulnerabilities, together labeled Quadrooter, which may affect as many as 900 million Android devices.
Speaking about the discoveries last week at the Def Con security conference in Las Vegas, Adam Donenfeld, Check Point’s lead mobile security researcher, revealed four new privilege escalation exploits that can be used to remotely gain root access to Android handsets. To gain access, an attacker just has to get the user to install a malicious app. From there the attacker has full access to saved data and can also change or remove system-level files, delete or add apps and gain access to the device’s screen, camera, or microphone, said Donenfeld.
As Donenfeld explained it, Google made several changes in the Android landscape to tighten security, but vulnerabilities have slipped through anyway. He also noted that Google is not the only company struggling to keep Android safe. Qualcomm, which makes 80 percent of the chipsets in the Android ecosystem, has almost as much of an effect on Android s security as Google.
“If exploited, Quadrooter vulnerabilities can give attackers complete control of devices and unrestricted access to sensitive personal and enterprise1 data on them,” Check Point said in a blog post. “Access could also provide an attacker with capabilities such as keylogging, GPS tracking, and recording video and audio.”
Check Point examined Qualcomm s code in Android devices, finding what it called multiple privilege escalation vulnerabilities in multiple subsystems introduced by Qualcomm to all its Android devices in multiple different subsystems. In its Def Con presentation, the company reviewed the privilege escalation vulnerabilities it found and demonstrated a detailed exploitation that bypassed the existing mitigations in Android s Linux kernel to run kernel-code, elevating privileges and thus gaining root privileges.
The smartphones at risk of being exploited by the Quadrooter vulnerabilities are: BlackBerry Priv; Blackphone, Blackphone 2; Google Nexus 5X, Nexus 6, Nexus 6P; HTC One, HTC M9, HTC 10; LG G4, LG G5, LG V10; New Moto X by Motorola; OnePlus One, OnePlus 2, OnePlus 3; Samsung Galaxy S7, Galaxy S7 Edge; and Sony Xperia Z Ultra. Because the vulnerable drivers are pre-installed, they can only be fixed via patches from distributors or carriers. The patches can only be pushed to users by those distributors or carriers once they get new driver packs from Qualcomm.
Check Point is making available a free Quadrooter scanner app that scans users Android phones to see if the necessary patches have been downloaded and installed. The scanner app is available at https://www.checkpoint.com/resources/quadrooter-vulnerability-consumer/. Qualcomm said it has already fixed all four flaws, while Google said it has patched three of them in an update supplied earlier this month.
Final debugging will come with Google s next security update, according to the Android Headlines Web site.
LG V20 renders give us a better look of what s to come from LG next month, also revealing LG might still be in the modular game if the renders prove accurate.
LG didn t really keep the V20 a secret, having dropped plenty of bombs about their new smartphone in the past few weeks. We know the V20 will be the first device (not a Nexus) to run Android 7 Nougat2 and will be launched on September 6th in San Francisco. What we don t really know is what it will look like. That is partially solved with Android Authority3 and respected leaker @onleaks4, getting their hands on some renders.
LG V20 renders reveal almost all
Looking at the renders we see a button down the right side of the V20, which could be the unlock button to slide out the bottom and attach a LG Friend. LG had banked a lot on the LG Friends peripherals to be a huge success, but currently it has not captured the public s imagination, despite being the best innovation at Mobile World Congress 2016. So it will be no surprised to see the V20 support its friends.
One of the coolest feature of the V10 was the dual-front cameras, not seen in the renders. It offered better viewing angles for group selfies. Instead the rear-camera gets the dual treatment, just like the LG G5. The design of the V20 strikingly resembles the G5, from the camera to the power button/fingerprint sensor. But the secondary always-on-screen is present, corroborating a previous leak claiming the V20 was going to resemble the V10. Specs were not revealed dimensions will apparently be 159.5 x 78.1 x 7.7-8.8mm.
The V20 is rumoured5 to sport a 5.5-inch 1080p or 5.7-inch QHD display. It will most likely sport a Snapdragon 820, as the V10 used the same processor as the G4 (Snapdragon 808). A massive 4,000mAh battery could be in tow and 4GB of RAM.
We ll know a hell of a lot more on September 6th, and in the coming few weeks.
Alibaba Cloud, the cloud computing arm1 of Alibaba2 Group, entered into a partnership with HTC Corporation today, with a view to explore high scalable and price-competitive virtual reality solutions for customers worldwide. The duo aim to leverage the cloud computing technology of Alibaba Cloud, helping companies develop innovative solutions to tackle bandwidth allocation, data transmission and data processing needs in areas such as VR video production and VR broadcasting. The partnership also claims to bring together industry developers to build a VR cloud ecosystem, and extend Viveport 3, HTC s VR app store to Alibaba Cloud s cloud computing platform. Alvin Wang Graylin, China Regional President of Vive, HTC, said:
We are excited to partner with Alibaba Cloud, as we believe it will be a landmark collaboration between the VR and cloud computing industries. By utilizing the cloud computing expertise and enabling 500k developer community built on Alibaba Cloud, HTC Vive will be able to provide more reliable resources to VR content developers, while delivering smoother access and richer content to VR consumers on our Viveport content store in China.
Alibaba claims that with the algorithm capacity and infrastructure provided by cloud computing technology, the ultimate experience of VR can be greatly enhanced by increasing definition, minimizing system crashes and conserving bandwidth. Furthermore, the company explained that development of VR technology requires powerful and flexible infrastructure support from the backend to supply visually rich and interactive contents to the audiences, in which cloud computing technology can improve the efficiency and lower operation costs. Ge JIN, Business Architect Director, Alibaba Cloud said:
Cloud computing has continuously broken the boundaries of what we thought possible, accelerating the rate of innovation. The partnership between Alibaba Cloud and HTC will bring two of the world s most disruptive technologies together to bring more value to businesses looking to leverage VR and cloud. This partnership will accelerate the development of VR technology in China and encourage widespread, global adoption.
Alibaba Cloud has been recently used by a VR team from Zhejiang University to render a three-minute 360-degree 3D VR video in about 3 days.
Also Read: Sony’s new projector for smartphones is boon for Indian enterprises