Latest Androids have 'god mode' hack hole, thanks to Qualcomm

Four Qualcomm vulnerabilities grant malware writers total access to modern Android smartphones. Yes, yes, nine hundred meellion "potential" users, if you're counting. Attackers can write malicious apps that, when installed, exploit the software flaws to gain extra privileges on Android Marshmallow and earlier versions of …

WTF?

Totally flaming awesome!!!

It's a grand world where amazing things happen. Please keep the wondrous software and firmware coming into our lives for the beauty they bring!

3
0
Anonymous Coward

"Do you feel lucky, Punk?"

So you have figured out I am concerned about security - and you want me to install an APP with just a handful of installs??? What sort of person do you think I am? Sheez...

8
1

Re: "Do you feel lucky, Punk?"

My thought exactly... :-)

2
0
FAIL

Re: "Do you feel lucky, Punk?"

Same thing here.

For 2 seconds I looked for the field where I could input my mobile's model and check if it was vulnerable, before I realized I was on the PlayStore page (yes, I should have known before I clicked, but I expected better from El Reg).

Can't be bothered to install an app for the sole purpose of checking if I'm vulnerable to 1 specific exploit, so thanks, but no thanks.

9
0

Android - the real Windows mobile OS.

9
2
Bronze badge
FAIL

Not really. Never ever actually seen an exploited Android device in the wild, despite Stagefright, despite this and all the other scare stories.

Not a day goes by where I don't see a malware infested Windows device.

Those two are literally worlds apart. Anyone that claims different is either an idiot, or has an agenda.

11
20
Silver badge

Windows didn't suffer any mass attack until years after they were possible, despite all kinds of warnings about how big of a problem they could be. It took the example of multiple such attacks spreading like wildfire to get Microsoft to start taking security seriously. And it wasn't until Windows 7 that the extra attention started having any real effect (not that 7 is 100% secure, but it is significantly better than XP, even XPSP3, ever was).

The day is coming where there will be a mass Android attack - which will probably spread itself by sending MMS to your contacts who will send it theirs, and so on. Sure maybe in two years 50% of Android devices won't be vulnerable to the MMS exploits (unless new ones are found, which isn't unlikely) but that would still mean hundreds of millions of devices could be compromised in a day.

It's just a question of whether someone will do it for the notoriety, or if they will have a revenue model in mind (clickjacking, stealing bank info or whatever).

4
2

This post has been deleted by a moderator

Childcatcher

Nexus OK?

"Owners of pure Android Nexus handsets are already patched, provided they accepted the over the air updates..."

No they aren't! Both my Nexus 5X and 7s report 2 vulnerabilities despite being patched to July 16 level...

Maybe August's goodies will really provide the fixes...

3
0

Re: Nexus OK?

In addition to that my Nexus 5X running Android 7.0 beta with 5 July 2016 patch level also shows up as vulnerable to CVE-2016-5340. Well, isn't that wonderful.

2
0

Re: Nexus OK?

Google stated that Nexus fixes for the last of the vulns (after 5th August updates) will be released in early September. The delay is because the patch for this was not released until too late for the August batch.

0
0
Anonymous Coward

Re: Nexus OK?

And why can't they do an Out-Of-Band update given the potential of the exploit, especially if they combine this with a silent install exploit?

7
0

Re: Nexus OK?

My Nexus 6 is running MOB30W (dated 5 August) and the Checkpoint app says that I'm affected by all 3 vulnerabilities...

1
0
Silver badge

Re: Nexus OK?

Looks like people at BlackBerry have had a busy weekend - they're now rolling out August 5th patches to their Priv Android phone, or at least the factory unlocked SIM free ones.

Fairly smart work. Apart from Nexus and with BlackBerry being hot on Google's heels, who else is keeping their products that up to date?

1
0

Re: Nexus OK?

Just the CVE-2016-5340 remaining as outstanding on the Priv.

Whether BlackBerry will push it early or leave it until next month's round-up we shall see.

1
0
Anonymous Coward

Re: Nexus OK?

"...who else is keeping their products that up to date?"

CyanogenMod, that's who.

3
0

Re: Nexus OK?

With the 5th August patch MOB30X, Nexus 7 is down to one (CVE-2016-5340).

0
0

My Nexus 6 still shows as vulnerable to two of them. It is patched up to 5th July 2016 as well. There should be a monthly update pushed out any day now so I'd expect this will fix them.

0
0
Silver badge

Last I heard, it won't make the August patch cycle because it was submitted too late. Meaning September at the earliest.

1
0

My middle-aged Galaxy S3 is frustratingly not vulnerable to these vulns, even though it was last patched in the mid 90s (I think it was).

Very disappointed - I was looking for a spurious excuse to upgrade. Can't these feckers do anything right?

6
0
Trollface

"even though it was last patched in the mid 90s (I think it was)"

As the S3 was only released in 2012 you're not even close! ;)

1
0
Facepalm

I distinctly remember playing this (https://www.youtube.com/watch?v=ilKcXIFi-Rc) when the last update was downloading. 1995, QED (never mind that Android 1.0 was only released in 2008.)

Whoosh?

1
0

What else can one say...

...oooops!!!

1
0

Towelroot refresh?

It would be wonderful if a user-focused .APK was released that installed SuperSU on vulnerable phones using this exploit, as Towelroot did.

Even better if it managed to get S-OFF, and we could use it to definitively clear this vendor brain damage.

Perhaps Sunshine will be getting an update soon.

0
0
Silver badge

Re: Towelroot refresh?

No, because thanks to SafetyNet, more apps are becoming root-aware. Rooting now has more risks than before, as apps you used before could balk.

0
0
Anonymous Coward

Re: Towelroot refresh?

Irrelevant.

There are ways to hide the root status from individual apps - I've used one with flawless success. Get xposed and you won't regret it!

0
0

Re: Towelroot refresh?

What app would I ever want to run that insisted that I relinquish control of my phone?

NONE!

What sane app would *insist* that we run a flawed /system/lib/libstagefright.so that would allow a system to be cracked like an egg?

What SHOULD happen is banking and finance apps that refuse to run on vulnerable systems. When Citibank and Wells Fargo start blocking Android 4.4 KitKat and lower, Google and the OEMs will probably find a way to get patches out.

0
1
Silver badge

Re: Towelroot refresh?

"There are ways to hide the root status from individual apps - I've used one with flawless success. Get xposed and you won't regret it!"

How when SafetyNet checks itself with an encrypted connection back to Google AND can upgrade itself through that same connection? We don't know Google's private key. SafetyNet can even detect /system-less root now.

0
0
Happy

Huawei/Kirin for the win

For now, at least :)

1
0
Anonymous Coward

Hmm, Android might have security flaws, but I don't seem to remember anyone ever making a Web page that could root an android device with one swipe.

0
1

My Note Edge has 3 vulns but hopefully it'll get patched fairly quickly as Samsung have been doing well patching everything with monthly updates, also as I'm using an unlocked phone no need to wait for the mobile networks to okay the patches!

0
0

Balls.

My ZTE Z850 and Moto G LTE are vulnerable to all 4.

Fat chance they'll get patched.

1
0
Big Brother

Risk categories

As I see it, there are two primary risk categories.

1) Jailbroken phones, the owners of which install stuff from everywhere.

2) Non-jailbroken phones, the owners of which only install from the Play store.

Naturally, all vulnerabilities affect category #1. But I'm frequently unclear on whether category #2 people should shit their pants with worry on a daily basis until their phone is patched, or whether they should just ignore such reports as irrelevant.

0
0
Silver badge

Re: Risk categories

"Jailbroken" isn't all bad. A scan of Cyanogenmod 13 shows only one vulnerability and the fix is in tonight's build.

2
0
Anonymous Coward

Re: Risk categories

Jailbroken refers to Apple only. Android has no such walled garden.

Perhaps you're thinking of bootloader unlocking or rooting.

3
0
Silver badge

Well fucking brilliant.

Just spaffed £300 on a NEW Sammy S2 tablet with the NEW QUALCOMM processors to find it is vulnerable to a NEW exploit.

Dear Sammy and QUALCOMM.

That's a load of fail right there ffs...

1
0

M9 with latest SlimRoms

I have 2 vulns.

0
0

Moto X Play, up to date

I have Marshmallow and all the current updates for the Moto X Play, all 4 vulnerabilities. I don't think I would have bought this phone if I had known Moto was switching to a Samsung-like update policy.

Oh, and my Pixel C is immune, of course.

0
0

What about ...

Personally, my biggest complaint is all the "Crap Apps" that Android has Baked In from the "Factory" by Google.

As far as I can tell, no matter what I do, there are a whole Bunch of "Services" that I neither Want nor Need nor Use but which will keep right on sucking up my battery power, no matter What I do.

I've tried disabling stuff. The list is so long that it would take me a Week. Then there are all the ones that Can't be disabled because the Phone somehow Needs them to function as a Phone.

And, to cap the futility, Android keeps automagically downloading Updates that turn everything back on just a couple days after I turn them all OFF..

4
0
Anonymous Coward

Re: What about ...

Root

Greenify

Amplify

Powernap

Thank me for your two day battery life.

2
0
Anonymous Coward

Re: What about ...

SafetyNet

dm-verity enforcing

Thanks for breaking my system and apps, as custom ROMs and apps don't know Google's signing key.

0
0
Silver badge
Linux

no nexus or BlackBerry ? mod it

Open source and you get the fixes fast, look at cyanogenmod ... this is especially true if you have a Sony that is older than 18 months or a noname...

Cyanogenmod even beat BlackBerry !!!!

1
0
Anonymous Coward

Re: no nexus or BlackBerry ? mod it

My not-that-old flagship still gets nightlies, but I won't be holding my breath for CM 13/Marshmallow. There are other ROMs (mostly Lollipop-based, or flaky Marshmallow builds) but the logic of which phones stay interesting to devs enough to support eludes me.

1
0

...... and Blackphone 1 and 2.

..... oh the irony.

3
0
Silver badge

Samsung Tab Pro 8.4 (SM-T325)

Running CyanogenMod 13, with August 5th Security Update(s). Affected by Two 'ploits.

CVE-2016-2059, and CVE-2016-2504. I guess I'll try reporting these in the Tab Pro Board(s), over at XDA-Developers, where the ROM Maintainers might take some notice.

0
0
Silver badge
Trollface

I know who to blame!

How did MSFT do this evil?

0
2

Square mobile security hacker Dino Dai Zovi

Seems a bit unkind, or is he really that shape?

0
0
Silver badge
Boffin

Professional DJ in the house!

"The ecosystem is such that it makes exploitation more difficult because it needs to be designed for [each device],” Dai Zovi said at the time. “[Android] security features like verify apps, and Google Play store application checks makes it a much safer system.”

Spin it baby. Spin it.

0
0


Biting the hand that feeds IT © 1998–2018