Cellcom Montreal
The Heartbleed bug that has been causing security nightmares for IT professionals — and may have been used by the National Security Agency to enable snooping — is present on specific versions of the Android operating system, according to Google.
In a blog post, Google product manager Matthew O’Connor details the Google services that are susceptible to the Heartbleed bug, which allows malicious interception of encrypted user data.
The good news is that the vast majority of Google services you probably use every day — mail, maps and search — are either immune to the bug or have already been patched.
The bad news is that there’s a version of Android that’s specifically still vulnerable to the bug. If you’re running a handset on Android 4.1.1, it needs patching to overcome the issue.
O’Connor notes that “patching information for Android 4.1.1 is being distributed to Android partners”, but there’s a significant issue here for Australian Android users.
If you are on an older Android handset running Android 4.1.1, it’s not a matter of being able to download the patch yourself. It would have to pass certification from both the handset manufacturer and the carrier in order to ensure that the patch doesn’t break other functionality or adversely affect the network it’s running on.
That’s typically a very slow process, and one that historically hasn’t been followed up for many Android handsets in Australia, which are left to linger on older Android versions.
Unless you’re a power user, you’re not likely to run a server on your Android handset, but it’s still a significant worry, because a handset could be sent to a website running malicious code and, through that, give away personal data.
Google’s own statistics suggest that around 34 per cent of Android handsets are on “Android 4.1.x”, but it doesn’t differentiate between the potentially compromised 4.1.1 version and the safe 4.1.2 release.