Cellphones using Google’s Android operating system are at risk of being disabled or wiped clean of their data, including contacts, music and photos, because of a security flaw that was discovered several months ago but went unnoticed until now.
Opening a link to a Web site or a mobile application embedded with malicious code can trigger an attack capable of destroying the memory card in Android-equipped handsets made by Samsung, HTC Corp (宏達電), Motorola and Sony Ericsson, rendering the devices useless, computer security researcher Ravi Borgaonkar wrote in a blog post on Friday.
Another code that can erase a user’s data by performing a factory reset of the device appears to target only the newly released and top-selling Galaxy S III and other Samsung phones, he wrote.
Borgaonkar informed Google of the vulnerability in June, he said.
A fix was issued quickly, he said, but it was not publicized, leaving smartphone owners largely unaware that the problem existed and how they could fix it.
Google declined to comment. Android debuted in 2008 and now dominates the smartphone market.
Nearly 198 million smartphones using Android were sold in the first six months of this year, according to the research firm IDC. About 243 million Android-equipped phones were sold last year, IDC said.
Versions of Android that are vulnerable include Gingerbread, Ice Cream Sandwich and Jelly Bean, according to Borgaonkar. He said the Honeycomb version of Android, designed for tablets, needs to be tested to determine if it is at risk as well.
Samsung, which makes most of the Android phones, said only early production models of the Galaxy S III were affected and a software update has been issued for that model.
The company said it is conducting an internal review to determine if other devices are affected and what, if any, action is needed. Samsung said it is advising customers to check for software updates through the “Settings: About device: Software update” menu available on Samsung phones.
Borgaonkar, a researcher at Germany’s Technical University Berlin, said the bug works by taking advantage of functions in phones that allow them to dial a telephone number directly from a Web browser.
However, that convenience comes with risk. A hacker, or anyone with ill intent, can create a Web site or an app with codes that instruct the phones linking to those numbers to execute commands automatically, such as a full factory reset.
While Borgaonkar has drawn attention to the problem, it is unclear how useful the vulnerability would be to cybercriminals who are primarily interested in profits or gaining a competitive advantage, said Jimmy Shah, a mobile security researcher at McAfee.
“There’s no benefit to the attacker if they can’t make money off it or they can’t steal your data,” Shah said.
However, the technique could cause huge headaches if it were harnessed to issue outbound phone calls, said Mikko Hypponen, chief research officer at F-Secure, a digital security company in Helsinki, Finland.
Stephen Garrett, a 27-year-old graduate student, always thought he would study in China, but first the country’s restrictive COVID-19 policies made it nearly impossible and now he has other concerns. The cost is one deterrent, but Garrett is more worried about restrictions on academic freedom and the personal risk of being stranded in China. He is not alone. Only about 700 American students are studying at Chinese universities, down from a peak of nearly 25,000 a decade ago, while there are nearly 300,000 Chinese students at US schools. Some young Americans are discouraged from investing their time in China by what they see
MAJOR DROP: CEO Tim Cook, who is visiting Hanoi, pledged the firm was committed to Vietnam after its smartphone shipments declined 9.6% annually in the first quarter Apple Inc yesterday said it would increase spending on suppliers in Vietnam, a key production hub, as CEO Tim Cook arrived in the country for a two-day visit. The iPhone maker announced the news in a statement on its Web site, but gave no details of how much it would spend or where the money would go. Cook is expected to meet programmers, content creators and students during his visit, online newspaper VnExpress reported. The visit comes as US President Joe Biden’s administration seeks to ramp up Vietnam’s role in the global tech supply chain to reduce the US’ dependence on China. Images on
New apartments in Taiwan’s major cities are getting smaller, while old apartments are increasingly occupied by older people, many of whom live alone, government data showed. The phenomenon has to do with sharpening unaffordable property prices and an aging population, property brokers said. Apartments with one bedroom that are two years old or older have gained a noticeable presence in the nation’s six special municipalities as well as Hsinchu county and city in the past five years, Evertrust Rehouse Co (永慶房產集團) found, citing data from the government’s real-price transaction platform. In Taipei, apartments with one bedroom accounted for 19 percent of deals last
US CONSCULTANT: The US Department of Commerce’s Ursula Burns is a rarely seen US government consultant to be put forward to sit on the board, nominated as an independent director Taiwan Semiconductor Manufacturing Co (TSMC, 台積電), the world’s largest contract chipmaker, yesterday nominated 10 candidates for its new board of directors, including Ursula Burns from the US Department of Commerce. It is rare that TSMC has nominated a US government consultant to sit on its board. Burns was nominated as one of seven independent directors. She is vice chair of the department’s Advisory Council on Supply Chain Competitiveness. Burns is to stand for election at TSMC’s annual shareholders’ meeting on June 4 along with the rest of the candidates. TSMC chairman Mark Liu (劉德音) was not on the list after in December last