TelecomTV

Security

Google security boffin bemoans Android tweaks

By Nick Wood

Feb 18, 2020

via Flickr © alexbrn (CC BY 2.0)

  • Samsung alterations leave A50 smartphone more vulnerable to hackers
  • Expert implies that Samsung is not the only offender
  • Sales of devices with hardware security jumped 39 percent in 2019

One of Google's top security experts has warned that tweaks made by Samsung to Android's underlying code can leave devices more vulnerable to hackers.

Jann Horn gained fame a few years ago by single-handedly discovering major security flaws in the design of well-known processors. These days he is a member of Google Project Zero, a team tasked with finding zero-day vulnerabilities in software.

In a blog post last week, Horn detailed how one modification to the Android kernel implemented by Samsung on its Galaxy A50 – a modification seemingly intended to make the smartphone more secure – actually introduces bugs that make it less so.

Called PROCA, it appears designed to limit an attacker who has already gained read/write access to the kernel.

"[It] seems futile, and engineering resources would have been better spent preventing an attacker from getting to that point in the first place," Horn wrote.

He provided a comprehensive technical explanation of how PROCA can be exploited to potentially allow an attacker to gain access to sensitive data stored on the device. He noted that the alterations made by Samsung meant that the A50 is even susceptible to an old Android bug that was fixed by a patch more than a year ago.

"In my opinion, some of the custom features that Samsung added are unnecessary, and can be removed without any loss of value."

The tone of Horn's article implied that the Samsung example is just the tip of the iceberg. No other vendors were named, but it can be inferred that this is not an isolated incident.

"The way Android device branches are currently maintained is a security problem," Horn said.

The case also highlights the difficulty Android OEMs face when they try to differentiate by adding features – however subtle – to the operating system.

Android has become more locked down over the years, as Google seeks to ensure the quality and security of the OS. This is understandable. It doesn't want Android's reputation tarnished by phone makers bringing out shoddy products that don't work properly or, worse, that leave customers vulnerable to hackers.

The industry has its work cut out trying to protect Android users though, which would explain Samsung's motive.

According to McAfee's most recent threat report, more than 1.5 million new malware programmes were identified in the first quarter of 2019.

"Mobile malware running on the Android operating system is the most prevalent at this time, driven by the ease of installing new applications from third-party sources," noted CrowdStrike in its 2019 Mobile Threat Landscape report.

Indeed, rogue apps are one of the most common ways for a user to unwittingly install malware on their handset.

CrowdStrike also warned that mobile antivirus software is less mature than its desktop equivalent, making it easier for attackers to access a mobile device undetected.

As a result, Android OEMs are increasingly using hardware to enhance the security of their products.

Counterpoint Research released a report last week showing that one third of all smartphones sold in 2019 had embedded hardware security, which represents a 39 percent increase on 2018.

via Counterpoint Research, February 2020

"The secure element is a coprocessor within the SoC which assures tamper-resistance and is capable of securely hosting applications," said Neil Shah, vice president of research at Counterpoint.

Different vendors have different ways of implementing the technology, he explained, but they all share the common goal of making it harder for attackers to compromise devices and gain access to sensitive data.

"Secure chipsets like secure elements, PUFs (physical unclonable functions), and TPMs (trust platform modules) embedded in the smartphone are currently the best solution to meet increased security needs," said Counterpoint Research analyst Satyajit Sinha.

With that in mind, poking around in Android's code – however well-intentioned – seems unwarranted. When it comes to security, hardware makers should continue to focus on what they do best: hardware.
