NCSU: Vulnerabilities in Popular Stock Android Phones

We’ve already seen the recent Bit9 study which unveiled popular Android smartphones being vulnerable to malware exploits and hacking attempts and now it’s time for a North Carolina State University research to raise a couple of questions regarding pre-installed software.

Researchers Michael Grace, Yajin Zhou, Zhi Wang, and Xuxian Jiang at NCSU analyzed popular smartphones: HTC Legend, HTC EVO 4G, HTC Wildfire S, Motorola Droid, Motorola Droid X, Samsung Epic 4G, Google Nexus One and Google Nexus S. The research found that while the model implementation of Android on Google’s own handsets had relatively “minor security issues”, other manufacturer’s phones “do not properly enforce permission-based security model” related to bundled apps.

The vulnerability? Untrusted applications are able to “send SMS messages, record conversations, or even wipe all user data from the handset without needing the user’s permission”. While things went smoothly in reporting the issues to Google and Motorola, HTC and Samsung were a tougher nut to crack.

Android is more exposed to vulnerabilities and malware attacks because of several reasons: the “openness” of the platform, multiple OEMs implementing the OS and apps in separate ways and lots of applications available in “several sources”. Make sure you stick to Android Market downloads and only install applications you trust (or which originate from app makers you already know).

Source: NCSU (PDF)

Via: DroidDog

Share This Post

Watch the Latest Pocketnow Videos

About The Author
Anton D. Nagy
Anton is the Editor-in-Chief of Pocketnow. As publication leader, he aims to bring Pocketnow even closer to you. His vision is mainly focused on, and oriented towards, the audience. Anton’s ambition, adopted by the entire team, is to transform Pocketnow into a reference media outlet.