Millions of smartphones and tablets running Google Inc’s Android operating system have the Heartbleed software bug.
While Google said in a blog post on Wednesday last week that all versions of Android are immune to the flaw, it added that the “limited exception” was one version dubbed 4.1.1, which was released in 2012.
Security researchers said that version of Android is still used in millions of smartphones and tablets, including popular models made by Samsung Electronics Co, HTC Corp (宏達電) and other manufacturers. Google statistics show that 34 percent of Android devices use variations of the 4.1 software. The company said that less than 10 percent of active devices are vulnerable.
Over 900 million Android devices have been activated worldwide.
The Heartbleed vulnerability was made public last week and can expose people to hacking of their passwords and other information. While a fix was simultaneously made available and quickly implemented by the majority of Internet properties that were vulnerable to the bug, there is no easy solution for Android gadgets that carry the flaw, security experts said.
Even though Google has provided a patch, the company said it is up to handset makers and wireless carriers to update the devices.
“One of the major issues with Android is the update cycle is really long,” said Michael Shaulov, chief executive officer and co-founder of Lacoon Security Ltd, a cybersecurity company focused on advanced mobile threats.
“The device manufacturers and the carriers need to do something with the patch, and that’s usually a really long process,” he added.
Microsoft Corp said on Friday that the Windows and Windows Phone operating systems and most services are not impacted.
“A few services continue to be reviewed and updated with further protections,” Microsoft Trustworthy Computing director Tracey Pretorius wrote in an e-mailed statement.
Apple Inc did not respond to messages for comment.
The Heartbleed bug, which was discovered by researchers from Google and a Finnish company called Codenomicon, affects OpenSSL, a type of open-source encryption used by as many as 66 percent of all active Internet sites.
Still, there are no signs that hackers are trying to attack Android devices through the vulnerability, as it would be complicated to set up and the success rate would be low, said Marc Rogers, principal security researcher at the San Francisco-based Lookout Inc.
Individual devices are less attractive because they need to be targeted one-by-one, he said.
“Given that the server attack affects such a larger number of devices and is so much easier to carry out, we don’t expect to see any attacks against devices until after the server attacks have been completely exhausted,” Rogers wrote in an e-mail.
BUSINESS UPDATE: The iPhone assembler said operations outlook is expected to show quarter-on-quarter and year-on-year growth for the second quarter Hon Hai Precision Industry Co (鴻海精密) yesterday reported strong growth in sales last month, potentially raising expectations for iPhone sales while artificial intelligence (AI)-related business booms. The company, which assembles the majority of Apple Inc’s smartphones, reported a 19.03 percent rise in monthly sales to NT$510.9 billion (US$15.78 billion), from NT$429.22 billion in the same period last year. On a monthly basis, sales rose 14.16 percent, it said. The company in a statement said that last month’s revenue was a record-breaking April performance. Hon Hai, known also as Foxconn Technology Group (富士康科技集團), assembles most iPhones, but the company is diversifying its business to
ARTIFICIAL INTELLIGENCE: The chipmaker last month raised its capital spending by 28 percent for this year to NT$32 billion from a previous estimate of NT$25 billion Contract chipmaker Powerchip Semiconductor Manufacturing Corp (力積電子) yesterday launched a new 12-inch fab, tapping into advanced chip-on-wafer-on-substrate (CoWoS) packaging technology to support rising demand for artificial intelligence (AI) devices. Powerchip is to offer interposers, one of three parts in CoWoS packaging technology, with shipments scheduled for the second half of this year, Powerchip chairman Frank Huang (黃崇仁) told reporters on the sidelines of a fab inauguration ceremony in the Tongluo Science Park (銅鑼科學園區) in Miaoli County yesterday. “We are working with customers to supply CoWoS-related business, utilizing part of this new fab’s capacity,” Huang said, adding that Powerchip intended to bridge
Qualcomm Inc, the world’s biggest seller of smartphone processors, gave an upbeat forecast for sales and profit in the current period, suggesting demand for handsets is increasing after a two-year slump. Revenue in the three months ended in June will be US$8.8 billion to US$9.6 billion, the company said in a statement Wednesday. Excluding certain items, earnings will be US$2.15 to US$2.35 a share. Analysts had projected sales of US$9.08 billion and earnings of US$2.16 a share. The outlook signals that the smartphone market has begun to bounce back, tracking with Qualcomm’s forecast that demand would gradually recover this year. The San
Clambering hand-over-hand, sweat dripping into his eyes, a durian laborer expertly slices a cumbersome fruit from a tree before tossing it down to land with a soft thump in his colleague’s waiting arms about 15m below. Among Thailand’s most famous and lucrative exports, the pungent “king of fruits” is as distinctive in its smell as its spiky green-brown carapace, and has been farmed in the kingdom for hundreds of years. However, a vicious heat wave engulfing Southeast Asia has resulted in smaller yields and spiraling costs, with growers and sellers increasingly panicked as global warming damages the industry. “This year is a crisis,”