We love to use our smartphones for all sorts of things: socializing, banking, gaming, working out, and more. Our smartphones have become our companions…a way in which we can connect to the world around us. And this means that we keep lots of personal and financial data on our phones: credit card numbers, banking apps, emergency contact numbers, addresses, and the whole lot. So when vulnerabilities are revealed in today’s smartphones, people get a little shook up. Just this week, a glaring security flaw was revealed in the Android operating system.
Uncovered by Zimperium, a mobile security firm that manages security and visibility across both iOSand Android devices, the flaw allows a hacker to easily take over an Android device simply by sending a text. “This happens even before the sound that you’ve received a message has even occurred,” said Joshua Drake, a Zimperium researcher and co-author of Android Hacker’s Handbook.
The scary part? All a hacker needs is your telephone number, as the security gap lies within Android’s Hangouts messaging app. The hacker simply embeds malware into a video and sends it to you in order to gain access: you don’t even have to open a message or attached file to become vulnerable. This is because the Hangouts application processes videos ahead of time to make for a faster load time and better user experience. But that, in turn, is what makes Android vulnerable to such hacks, sacrificing security for convenience. From there, a hacker can easily gain access to your data as well as your camera and microphone.
So what are the solutions? Don’t use Hangouts, and instead download a third party messaging app. This seems like a terrible inconvenience for people who rely heavily upon Hangouts as their means of communication. Drake says that he has sent suggested patches to Google already, but is wary about how long it will take for the patches to reach all manufacturers that run an Android operating system.As opposed to Apple’s “closed system” of operations (the company controls the hardware and software), Android distributes its software to the phone manufacturers and carriers, who tailor and tweak the software to meet their needs. This makes it very complicated for all software patches and updates to immediately become available across all Android devices. Drake expects that the patch will only become readily available to around 20% of Android users.
Maybe this, if anything, will push more Android users towards making the switch to an iOS device. In fact (even prior to Android’s security flaw detection), Apple has seen a significant number of smartphone users coming over to iOS from Android. In his recent Q3 2015 conference call, CEO Tim Cook revealed that “this quarter saw the highest number of Android switchers ever.” Whether it is due to the user-friendly iOS or the draw of the Apple products high level of security has yet to be determined. Either way, Apple must be ecstatic Android security issues are becoming public, enticing more people to make the switch to iPhone.