A security flaw has made it easy for scam artists to send phony
text messages to Android phones with help of a security flaw, a report
has said.
In late October, researchers at North
Carolina State University alerted Google to a practice called
"smishing" that can ensnare consumers in fraud.
Google's security officials confirmed the flaw and promising to correct it.
Within
days they had incorporated a fix into the latest version of the Android
operating system, Jelly Bean 4.2, and made available a security update
for earlier versions.
But for most Android phones, the fix never arrived, and for many, it never will, the Washington Post reports.
That
is because it is not clear which company, Google, the smartphone maker
or the wireless carrier that sells it, bears ultimate responsibility for
the costly process of getting security updates to an Android device.
According
to the paper, fixes to known security flaws can take many months to
reach individual smartphones, if they arrive at all.
Security
experts said that the problem has contributed to making the world's
most popular mobile operating system more vulnerable than its rivals to
hackers, scam artists and a growing universe of malicious software.
Breaches
remain more common on traditional computers than on smartphones, which
have been engineered to include security features not found on desktop
or laptop machines, experts added.
The report
pointed out that if there was a major outbreak of malicious software,
the fractured nature of the system for delivering updates could
dramatically slow efforts to protect information carried on Android
phones, including documents, passwords, contact lists, pictures, videos,
location data and credit card numbers.
No comments:
Post a Comment