900M Android Devices Vulnerable To New 'Quadrooter' Security Flaw (cnet.com)
An anonymous Slashdot reader quotes a report from CNET:
Four newly-discovered vulnerabilities found in Android phones and tablets that ship with a Qualcomm chip could allow an attacker to take complete control of an affected device. The set of vulnerabilities, dubbed "Quadrooter," affects over 900 million phones and tablets, according to Check Point researchers who discovered the flaws. An attacker would have to trick a user into installing a malicious app, which wouldn't require any special permissions. If successfully exploited, an attacker can gain root access, which gives the attacker full access to an affected Android device, its data, and its hardware -- including its camera and microphone.
The flaw even affects several of Google's own Nexus devices, as well as the Samsung Galaxy S7 and S7 Edge, according to the article, as well as the Blackberry DTEK50, which the company describes as the "most secure Android smartphone." CNET adds that "A patch that will fix one of the flaws will not be widely released until September, a Google spokesperson confirmed."
Fuck iOS (Score:1)
I prefer my devices allow me to do as I wish with the content I already own. I like Android devices a lot better, and I'm someone who does pay for content and apps. I just refuse to do it multiple times.
What the fuck does a bug that requires social engineering and ignorant users installing sketchy software have to do with apple's alleged superiority? I have an iPad that I RARELY use. It has its place in my studio, but I haven't set that up since moving. For everything else, I prefer either my Samsung tablet
Re: (Score:1)
I prefer my devices allow me to do as I wish with the content I already own. I like Android devices a lot better, and I'm someone who does pay for content and apps. I just refuse to do it multiple times.
What the fuck does a bug that requires social engineering and ignorant users installing sketchy software have to do with apple's alleged superiority? I have an iPad that I RARELY use. It has its place in my studio, but I haven't set that up since moving. For everything else, I prefer either my Samsung tablet with a proper screen ratio for reading comics without scrolling, or any of my other Android devices that don't try to nickel and dime me for every single fucking thing I do.
So much for Apple haters being silent.
Spoken like someone who has never used an iOS device. Why would you pay multiple times? Why pay at all? All my content is on both of my iPhones, iPad, and my Mac. And much of that came from my own CDs and DVDs, etc. I have 37,918 songs in iTunes. Much that is from my CD and even vinyl collection. Some I bought on iTunes, Amazon, BandCamp, etc. Every one of those is available on my iPhone. Also, you do know you can download anything you want to an iOS device? Just get the free Documents app from Readdle. Tha
Re: (Score:2)
iOS devices don't have a user accessible file system. FULL STOP! You can't even download an MP3 file from a website using Safari on iOS. That right there makes it complete shit for anyone with more than half a brain. And that's why I won't ever use an iOS device. I prefer not to suck iTunes dick every time I want to transfer a file to my device.
Bullshit, Bullshit, Bullshit.
While it is true that iOS doesn't directly provide access to the file-system hierarchy, there are Apps, such as GoodReader, that for the most part provide excellent file-management and file-transfer functionality.
And as far as "can't download an MP3 from Safari", that is TOTAL bullshit. I just tested exactly that on iOS 9 on my iPhone 6+. No iTunes involved (and BTW, there is no "iTunes", per se, on iOS).
Re: Fuck iOS (Score:2)
Can you download pictures and videos via Safari? no
Re: (Score:2)
Can you download pictures and videos via Safari? no
First, I assume you mean MOBILE Safari.
Second, you have moved the goalposts; but I would imagine it depends on certain factors. However in Mobile Safari, if I "long-tap" on an Image, it brings up a contextual menu. One of the selections is "Save Image". If I choose that, the image (picture) goes to my "Photos" library. Sounds "Downloaded" to me.
With videos, it appears you cannot download from Safari directly; however, GoodReader has web-browsing capabilities, and you can certainly Download (and Play) di
Re: (Score:2)
Can you download pictures and videos via Safari? no
First, I assume you mean MOBILE Safari.
Based on the thread context, why would you infer otherwise?
Second, you have moved the goalposts; but I would imagine it depends on certain factors. However in Mobile Safari, if I "long-tap" on an Image, it brings up a contextual menu. One of the selections is "Save Image". If I choose that, the image (picture) goes to my "Photos" library. Sounds "Downloaded" to me.
Odd. I just tried this using my wife's iPhone 6+. There's no context menu popping up when I long press an image. Tried this with the same image on my Android phone and I get the expected context menu.
With videos, it appears you cannot download from Safari directly; however, GoodReader has web-browsing capabilities, and you can certainly Download (and Play) directly from that App. So, obviously, iOS doesn't keep you from Downloading video; they just didn't build that into Mobile Safari (that I know of). Chrome may allow it directly, although it doesn't seem to.
This is what irks me: why do I need a separate app for this when every other computing environment (eg Windows, Linux, Mac OS, Android) doesn't?
If that's too hard for you, may I recommend a Flip-phone?
Based on your ad hominem it's quite clear you place a high personal identity towards your phone environment.
Re: (Score:2)
Odd. I just tried this using my wife's iPhone 6+. There's no context menu popping up when I long press an image. Tried this with the same image on my Android phone and I get the expected context menu.
Try a different site. Apparently, image saving in Safari can be blocked for copyright etc.
But this is how you do it [technipages.com]. This must be from an earlier version of iOS, because my popup menu had a few more selections. But it is essentially the same.
Re: (Score:2)
What the fuck does a bug that requires social engineering and ignorant users installing sketchy software have to do with apple's alleged superiority?
Is it not obvious that it's pretty serious when the security of a system can be completely subverted by a non-privileged program? Regardless of whether you have bought into idiotic platform flamewars you can't argue with the fact that any platform that has a bug like this has a serious problem compared to the competition. What is odd is that one of the most commonly presented advantages for Android over iOS is the ability to sideload apps and install apps from non-official app stores thus giving the user co
Re: (Score:2)
I don't trust them, but I did trust android permissions to (at least) identify apps with strange behaviours. Seems I was wrong and I'll need to stop installing crap.
This is a serious bug, but iOS security superiority is not in its walled garden, but in its timely OS updates.
Re: (Score:2)
What would prevent a bugged android apk to be delivered via the playstore?
Nothing, in fact I believe it has happened multiple times before.
This is a serious bug, but iOS security superiority is not in its walled garden, but in its timely OS updates.
Correct, but this isn't really about the walled garden. You can sideload apps on iOS too if you have XCode7, but there is no (known) privilege exploit that allows a userland application to get full privileges.
Re: (Score:2)
but there is no (known) privilege exploit that allows a userland application to get full privileges.
If the cost of that is not being able to access the damn filesystem and having everything running in its own little isolated compartment, I'll just use Android and try not to install malicious apps thanks.
Re: (Score:2)
but there is no (known) privilege exploit that allows a userland application to get full privileges.
If the cost of that is not being able to access the damn filesystem and having everything running in its own little isolated compartment, I'll just use Android and try not to install malicious apps thanks.
So, you are actually arguing against robust sandboxing? In 2016? On a Mobile Device?
Most users (yes, even Android Users) couldn't care less to paw through a filesystem hierarchy. In fact, the decision to make each app manage its own files in iOS was not borne out of some need to "lock down" user-choice; but rather, to keep a simple device simple for NON-computer-savvy people to use.
That's what you idiots need to get through your pin-heads: Not everyone is comfortable traversing a full-blown filesystem.
Re: (Score:2)
So they don't have to if they don't want to. The point is really the fact that the option is useful to some people.
The option to what, exactly? Pull down their pants and wag their nekkid ass in the air, waiting for the next available hard dick? Because that's about the equivalent to what you are touting as a "useful option".
Re: (Score:2)
If the cost of that is not being able to access the damn filesystem and having everything running in its own little isolated compartment, I'll just use Android and try not to install malicious apps thanks.
But that isn't the cost of it, the fact that not every process should be able to just run with root privileges whenever it wants is a pretty fundamental part of any modern operating system and indeed is not incompatible with the ability to access the filesystem.
Re: (Score:2)
My android gets its security updates every month. Nexus 6P updated just a couple days ago, with the Aug update. I expect another one in Sept, probably one that fixes this one. Let me know when Apple ships timely monthly updates.
Re: (Score:2)
My android gets its security updates every month. Nexus 6P updated just a couple days ago, with the Aug update. I expect another one in Sept, probably one that fixes this one. Let me know when Apple ships timely monthly updates.
Fortunately, they don't seem to have vulnerabilities du-jour; but when they do, they generally push out an update in a pretty timely fashion, and for MUCH longer than any, or nearly any, Android device.
Re: (Score:2)
The Apple haters will be silent tonight
You might want to go read the past Slashdot discussion threads about previous Android flaws, and then reconsider your statement.
Re:Chalk one up for iOS (Score:5, Informative)
>"Chalk one up for iOS"
Um, no.
1) Don't sideload apps unless you REALLY know what you are doing. You can't even officially DO that on iOS. So if you treat Android like iOS and don't change the default to NOT sideload and ignore all the warnings, then you are probably just fine.
2) All mine are Nexus and likely to be updated quickly.
Re: Chalk one up for iOS (Score:2)
How would downloading apps only from the Google Play store prevent apps from taking advantage of a security flaw in Android?
Re: Chalk one up for iOS (Score:4, Interesting)
First, Google Play Store has a filter called Bouncer that attempts to detect known malicious attacks in APKs. Second, if a malicious app does slip past Bouncer, it can be reported to Google.
Re: (Score:2)
Don't sideload apps unless you REALLY know what you are doing. You can't even officially DO that on iOS.
Actually, if you have XCode 7, you can. No Jailbreaking needed.
Re:Chalk one up for iOS (Score:5, Insightful)
Personally, I've never understood why people pick sides and root for 500 billion dollar corporation X versus 500 billion dollar corporation Y like they're a sports team. Console vs console or console vs PC wars are equally inane to me. Where's the virtue in being wedded to a single platform? Is being techno-polygamous a bad thing?
Anyhow... considering that this requires installing a malicious app, the chances of most people getting hit with this are pretty low, especially now that app stores know what to look for. These sorts of issues are only a real problem when you can get infected with a drive-by SMS message or something like that.
Re: (Score:3)
Where's the virtue in being wedded to a single platform? Is being techno-polygamous a bad thing?
It increases your attack surface. It's safer to be a serial-monogamist.
Re:Chalk one up for iOS (Score:5, Interesting)
For me it is not about Google vs Apple, but Android vs iOS and the philosophies behind them.
I believe in open platforms being better for mankind in the end, warts and all.
Re: (Score:2)
...especially when the real problems are 500 billion companies Samsung and Verizon.
I'm oddly finding myself thinking that this exploit could actually be used to enhance security on phones with locked bootloaders and unreliable updates from their manufacturers. I'm seriously considering buying an Axon 7, because the hardware looks great. But if I can't install ROMs to keep the thing current on security updates, I don't want it. To tell the truth, even if ZTE were to provide timely updates for the first 2
Re: (Score:1)
1. Unless you're positive of the clean & germ-free source, you are making an inherently risky move in installing a Marshmallow ROM or whatever reverse-engineered AOSP clone is floating out there.
2. Speaking of reverse-engineering, taking the ICS 4.0.x drivers and tweaking them to work with Marshmallow does not constitute a good security patching policy.
The updates spoken of here are not merely OS-baked-in ones, but also any actual firmware updates
Re: (Score:2)
Well, I'm guessing you wouldn't advise leaving my N4 on the last-supported Kit-Kat version. I'm using Cyanogenmod 13, which is a pretty well-known commodity. It may have some of its own bugs, but it also has some of its own security enhancements - like the ability to turn root on and off on demand.
Re: (Score:1)
I love it how when a security vulnerability is found on Apple devices it's reported as "New way discovered to jailbreak your phone!", but when it happens to Android it's "Android devices vulnerable to attack!"
Re:Chalk one up for iOS (Score:4, Insightful)
No, I will still hate Apple the company. For who they are and who they have been historically. I've hated them since Steve Jobs stood up on a platform and boasted of the new 'Hacker Proof' Macintosh at product introduction.
That was in the old days, and hacker had the meaning we all still wish it did.
Other crimes Apple committed include suing all the third party GUI vendors out of business. They ran the GEM desktop and the GEOS desktop off the market. They sued and drove out of business everybody but Microsoft's GUI. In effect they created the Windows monopoly we have today. Fuckers. Fuck Apple.
Re: (Score:2)
They sued and drove out of business everybody but Microsoft's GUI.
There's this thing called Linux. I'd recommend taking a look at it.
Re: (Score:2)
In the 1980s when Apple was busy suing DRI over GEM, XFree86 didn't exist yet.
Re: Chalk one up for iOS (Score:2)
XFree86, no but X did exist though
Re: (Score:2)
They sued and drove out of business everybody but Microsoft's GUI.
There's this thing called Linux. I'd recommend taking a look at it.
Not strong enough.
There's this thing called Prozac. I'd recommend him taking a look at it.
Re: (Score:2)
They sued and drove out of business everybody but Microsoft's GUI.
They sued the FUCK out of Microsoft, too. Or did you conveniently forget that fact?
Re: (Score:3)
I think ALL of us jailbreakers and rooters should celebrate this. Now I might be able to push an adaway hostfile with 875K worth of junk hosts of malware, ads, adware, gambling and other cruft blocked. I can't believe I need to wait for a flaw like this to update the hosts file on the phone I own.
This weaponizing of opensource software to do things like make it impossible to edit /etc/hosts with malware blocks is unreal.
Re: (Score:2)
Except Android doesn't use /etc/hosts. That's a function of the stub resolver in the C li
Re: (Score:2)
Except Android doesn't use /etc/hosts. That's a function of the stub resolver in the C library you use, and the Android C library simply doesn't support it.
But, but, don't all the Slashtards and Fandroids crow about how Android == Linux, and how Android's popularity (mostly because of the proliferation of shitbox throwaway freephones) somehow means that Linux has some insanely-high marketshare?
So, I guess Android == Linux only for certain limited values of "equals", right?
Android needs a different kind of APK (Score:2)
Just because Android's package format is called "APK" doesn't mean you can use a hosts file. A workaround is to use a firewall app with a DNS filter, and then plug your hosts file into that. I haven't tried NoRoot Firewall [google.com] to see whether it supports a hosts file, but it does show that a firewall is possible without rooting.
Re: (Score:2)
Because the hosts file is inside /system, the device needs to be rooted [howtogeek.com] in order to adb push a modified version. And that's if Android's networking stack even uses it; this comment [slashdot.org] claims that at least some versions do not.
Re:Chalk one up for iOS (Score:4, Interesting)
Re: Chalk one up for iOS (Score:2, Informative)
Did you notice how many of those vulnerabilities have already been patched? The latest version of iOS 9.3.3 is compatible with every iOS device sold since September 2011 and was available for every iPhone regardless of carrier the day it was released.
Re: (Score:2)
The Apple haters will be silent tonight
Unfortunately not [slashdot.org].
You can read more of this story... (Score:2, Insightful)
Eds, why not check the article and link directly to zdnet and not the 'sister' publication?
Rooted phone? (Score:5, Insightful)
Re: (Score:1)
Sounds like you get to share root.... but thats pretty gross if you know what I mean
Re:Rooted phone? (Score:5, Interesting)
Does this mean I might get to root my otherwise unrootable phone?
I was thinking the same thing. Someone please publish the exploit on github so I can compile it and root my own phone.
Re: (Score:2)
Sign me up. I am ready for your one-click Qualcomm root exploit app.
Easy Way to Root (Score:2)
Re: (Score:2)
Better yet, can it beat knox so it doesn't nullify your warranty (according to the manufacturer).
Quad Rooter (Score:2, Funny)
That's what me and my mates called ur mum, she's pretty skilled taking 4 at a time.
Patch not needed quickly... (Score:3)
This is mostly fear mongering. Now if you could root my phone with an MMS or some other function that does not require me to turn off security features first, then I'll worry.
I will worry about all the cheap chinese tabs and phones that come with sideloading (and malware/crapware) installed by default.
Re: (Score:2)
I take it you've never heard of f-droid. Only one of the biggest FOSS repositories for a single platform.
And since it's not an official Google product, funnily enough, it requires sideloading.
Re: (Score:2)
A very small percentage use alternate app stores, so saying 900M devices are vulnerable is a bit hyperbolic.
If i can trick you into installing an app (Score:1)
you're owned anyways.
what's so special about this? people just hit 'yes' on all permissions on android anyways. am I missing something?
Check your phone (Score:3)
To what end? (Score:2)
There's no update, and even if there were it'll come when the providers push it out. With a phone, you just have to accept that if the thing is vulnerable, it is vulnerable. You can't really do anything as a user. Anything you can do is shit you should already be doing like installing apps only from trusted sources and running a malware scanner.
Re: (Score:3)
you should already be doing like installing apps only from trusted sources and running a malware scanner
You don't need a third party malware scanner. Just turn on the built in Verify Apps.
Blackphone 2 (Score:2)
The Blackphone 2 uses a Qualcomm Snapdragon chip. The maintainers (Silent Circle) released a patch a week ago that 'updates to the latest Qualcomm config files' but it's unclear if that fixes this specific vulnerability.
Re: (Score:1)
The Blackphone 2 uses a Qualcomm Snapdragon chip. The maintainers (Silent Circle) released a patch a week ago that 'updates to the latest Qualcomm config files' but it's unclear if that fixes this specific vulnerability.
Nope, it doesn't. Still one out of four isn't bad :( (just vulnerable to: CVE-2016-5340) This will be a test of the promise to be the fastest at fixing/patching issues.....
Here we go again.. (Score:2)
Stopped reading after that.
Mundus vult decipi, ergo decipiatur.
Trick user into installing malicious app (Score:2)
Is this what slashdot is reduced to, posting bogus pseudo technical quotes from a known Microsoft shill.
PLEASE!! (Score:2)
Blackberry (Score:1)
So that is what you get from switching away from QNX.
Re: (Score:2)
I also hear that MS-DOS has never been attacked on a smart phone.
Re: (Score:2)
Well... technically any virus attacking MS-DOS but accidentally hitting a Nokia 9000 communicator could probably be counted under the category "MS-DOS" on a smartphone.....
Re: (Score:2)
yeah, if you can get that smartphone to read that floppy disk with the virus on it and executing that .COM file.
Re: (Score:2)
It could receive e-mail. Or you could surf a malicious web page.
Does it trip knox? (Score:3)
If it doesn't trip knox then someone could retool the exploit to root the phones in a good way.
Sucks (Score:2)
Where's the 'write protect' switch? (Score:2)
Re: (Score:1)
If you read the summary you'd know this is a flaw in silicon, not android. Blame qualcomm not google for this one.
Re: (Score:1)
If this were a similar fault on an Apple device,you know that the bulk of the submitters here would be showing them no mercy.
Re: (Score:2)
Well, it seemed to me when I first read the summary that it was a hw problem.. It's not. it's drivers provided by qualcomm.. If apple was using the same drivers they'd be just as blameless as google is.
Re: (Score:2)
While true, Apple would also spend the time and have 80% of all iOS devices updated in 3 months, whereas by this time next year less than 100 million Android devices will have the update.
Android has a severe update problem that isn't going away. google was smart enough to bake a decent amount of security in to start with, but I still keep expecting a massive worm attack.
Re: Typical Google (Score:2)
Have you ever heard Apple make the excuse that it's the fault of a third party driver when there is a security issue with iOS? I doubt that Apple would accept any binary only drivers from someone who produces its chips.
Re: (Score:3)
Have you ever heard Apple make the excuse that it's the fault of a third party driver when there is a security issue with iOS? I doubt that Apple would accept any binary only drivers from someone who produces its chips.
Apple tends to roll their own drivers, even for third-party chips.
Re: (Score:2)
Well, it seemed to me when I first read the summary that it was a hw problem.. It's not. it's drivers provided by qualcomm.. If apple was using the same drivers they'd be just as blameless as google is.
Yes they would; however, a YUGE percentage of Slashdotters would still blame Apple, just because.
Don't even try to deny it. Seen it happen too many times...
Re: (Score:2)
And rightfully so, considering Apple designs their own processors [wikipedia.org] and codes the drivers now.
Re: (Score:3)
http://blog.checkpoint.com/201... [checkpoint.com]
Re: (Score:3)
Well, the GP blamed google.. The language of the summary made it sound to me like it was a fault in the silicon.. Turns out both statements are wrong. It's qualcomm's drivers. I stand corrected.
Re: (Score:1)
An attacker would have to trick a user into installing a malicious app
That doesn't sound like it's the silicon's fault to me, but what the hell do I know?
Re: (Score:3)
You're forgetting the difference between a flaw and the path to exploiting a flaw. The flaw can exist in silicon, but it needs software to exploit it. You can safely run flawed code all day if you are in tight control of the software executing on the system. It isn't until you run untrusted code that you have a problem.
This is why Java is such a vector. Once you connect it to a browser, you're blindly running someone else's untrusted code on your JVM.
When Java is used in an EE environment, not hooked to a b