If you own a Android phone from Google, Samsung, Motorola, LG, HTC, Xiaomi, OnePlus, Nokia, TCL, and ZTE, but really any Android phone, you might not be getting the security patches that you need to keep your phone safe based on a recently released study:
The study found that outside of Google and its Pixel phones, well-known phone makers had devices that were missing patches that they claimed to have. “We found several vendors that didn’t install a single patch but changed the patch date forward by several months,” says SRL founder Karsten Nohl.
The number of missing security patches on phones varied between device makers. For example, Google, Samsung, and Sony devices were found to be missing 0 or 1 patches on average. Xiaomi, OnePlus, and Nokia devices were missing 1 to 3 patches on average, while HTC, Huawei, LG, and Motorola were missing 3 to 4 patches on average. Devices from TCL and ZTE fared the worst, missing an average of 4 or more patches that they claimed to have.
One of the huge problems with Android is that is is now so fragmented, and every vendor has filled it with their own custom stuff and they’ve done god knows what to the core of it. That’s horrible for the consumer as you are guaranteed to get this situation because it’s easier to fudge things than to come out with proper patches on a regular cadence.
Contrast that to those on team iOS where everything comes from Apple. Thus every iPhone user that has an iPhone made in the last five years give or take gets every security update that comes out. Sure iOS is a walled garden unlike the freedom that Android provides its users, but the wall surrounding that garden is pretty secure unlike Android.
While people are going to buy Android phones regardless of how insecure they are because they are cheap, Google and company need to do something about this. The fact is that you can’t have millions of phones running around out there which are wide open to being pwned. That’s just a disaster waiting to happen.
Russian Court Says That Telegram Is Now Blocked In Russia
Posted in Commentary with tags Telegram on April 13, 2018 by itnerdI’ve been writing about the ongoing fight between the Russian government and popular messaging app Telegram for a few weeks now. In short, Russia wanted Telegram’s encryption keys. Presumably so they can spy on Telegram users. Telegram said no. And as a result, here we are with Telegram being blocked in Mother Russia on the orders of a court:
The decision came a week after Russia’s state communication watchdog filed a lawsuit to limit access to Telegram messaging app following the company’s refusal to give Russian state security services access to its users messages.
With more than 200 million users worldwide, the mobile messaging app allows users to communicate via encrypted messages which cannot be read by third parties, including government authorities.
Here’s the ironic part, apparently the Russian government uses Telegram…. I wonder how they will do without it?:
The Kremlin uses Telegram to coordinate timings of regular conference calls with Vladimir Putin’s spokesman, while many government officials use the messenger to communicate with media.
When Reuters asked a person in the Russian government on how they would operate without access to Telegram, the person, who asked not be identified due to the sensitivity of the issue, replied by sending a screenshot of his mobile phone with an open VPN app.
Wait, aren’t VPNs banned in Russia? Of course they are. I guess that in Russia, everyone is equal. But some are clearly more equal than others.
In any case, this fight between the Russia government and Telegram is likely to escalate. It will be interesting to see what shape that escalation takes.
1 Comment »