Android Phones Must Have Older Than 4.0 To Fend Off Stagefright Hack
It’s been widely reported this month that the Stagefright vulnerability on Android phones is back and with it, users are wondering how exposed their personal information is to hackers who would want to take advantage of the opportunity.
The security firm who alerted the public to the weakness in the Android operating system (OS) have said that they detected the issue with Android phones running anything older than a 4.0 version of the OS a.k.a Ice Cream Sandwich, which was first released in 2011.
Prior to this, the code names for older OS was Gingerbread and Froyo.
In March of 2015, Google announced they would no longer support Chrome updates for it and have since scaled back support.
Around the same time, a Gallup poll was published which stated that there was a split among smartphone consumers when it came to upgrading their phones, where they only did so when they felt they had to, such as when they encounter problems.
The poll shows that iPhone users upgrade more frequently than Android users, which could provide a reason as to why the vulnerability is cause for concern.
“Fifty-one percent of iPhone users say they upgrade every two years, while 47 percent say only when their phone stops working or becomes obsolete. In contrast, 58 percent of Android users say they will wait until their phone stops working, with 40 percent saying they upgrade when eligible.”
For some time now the understanding casual consumers have of the Apple and Android phone market is that these rival companies put on product release events to show off the latest and greatest technologies each company’s products have to offer.
interesting data on Android smartphone upgrades pic.twitter.com/xdU6zUU2Tq
— Craig (@craigbuj) February 4, 2016
As the consumer electronics source BGR says in their op-ed article about a reviewer’s expectations for a new iPhone 7 — which, based on the latest product release event of the new iPhone SE scheduled to be released on March 31 — they estimate will be out by fall; they wanted to correct the review by resetting that writer’s expectations to say that the latest SE announcement, was more strategic than to show off new technologies in order to fill in the company’s product line gaps of a four-inch smart phone.
The last generation was the iPhone 6S/6S Plus and was released in October.
The article, however, continues to point out that many of the features for the new Apple products might very well just be incorporating the same technologies that Android phones have already had for months.
Though both companies are trying to make money in the same market, they’ve fallen into a pattern of expectations where consumers consider them to either fail on the long or short-term based on the things such as glitches in software and/or patch schedules to test their tolerance for affordability.
The Verge recently referred to the bulk of new Android phone releases coming out in April, where phone manufacturers are only now talking about designing their products around Android Marshmallow OS, which was released late last year, where they also say that these manufacturers can be expected to be behind schedule by six months.
Marshmallow has already been running on a few devices, but initially it was first released on select Android phones from the latest Nexus line, which the Inquisitr referred to in January.
The Android Authority has compiled brand manufacturers and other data around Android phone release updates, especially now that Marshmallow expands to more hardware worldwide.
Google tells manufacturers what a phone should look like. Android Marshmallow What the Phones Are Going to Look Like https://t.co/XYjcmoShYx
— Tech Troublemaker (@techtroublemkr) October 26, 2015
In relation to the latest report from Engadget over news that Android phones were still susceptible to a new type of stagefright hack, Google had already announced and released a security update.
“Android devices with a security patch level of October 1, 2015 or greater are protected because of a fix we released for this issue (CVE-2015-3864) last year. As always, we appreciate the security community’s research efforts as they help further secure the Android ecosystem for everyone.”
The Inquisitr also covered the Stagefright vulnerability when it was discovered last year.
To be clear the hack only discovered as a result of security company testing for the vulnerability of Android phone OS, but there hasn’t been any actual news that hackers have exploited the chance.
The video provided by Living Android demonstrates an app to detect the Stagefright vulnerability.
As it’s been explained that a hacker could infect Android phones through a MMS notification, using the Stagefright multimedia libraries, which doesn’t even require a user to acknowledge notification, much less, do anything to get it by using their phone number.
On the March 7, the Israeli based security source uploaded a pdf file which explains the Stagefright exploits for the Android phones, or for a video friendly explanation of the reason the modules are easy to take advantage of, you can refer to this video provided by TWIT Netcast Network.
