tech2 News StaffSep 06, 2018 15:01:33 IST
A research report from a cybersecurity firm may have just discovered a vulnerability in Android smartphones which allows apps to ignore permissions and access that are found in system broadcasts.
What this essentially means is that apps will be accessing the name of your Wi-Fi network, BSSID, the MAC address of the device, local IP address and DNS server information. While that does not reveal what the apps are capable of doing with that information, a little bit of digging into that data may let the app geo-locate and track you through your Android device, all the way down to a street address.
The research report published by Nightwatch Cybersecurity also reveals that hackers could even use the data to attack a Wi-Fi network. What's worse is that the firm claims that the vulnerability affects all Android devices including forked versions, which include Amazon's FireOS.
According to Nightwatch, “The vendor (Google) fixed these issues in Android P / 9 but does not plan to fix older versions. Users are encouraged to upgrade to Android P / 9 or later.”
While there isn't any data out yet to suggest that the vulnerability has been tapped into so far, but given that it does affect such a vast number of devices, there could have been instances.
Google seems to have already addressed the issue in Android 9 Pie, but we all know that only a handful of devices so far have received an update to Android P. According to this chart, which shows the Android OS market share till August end, you barely see Android 9 Pie anywhere. So for all practical purposes, majority of Android devices are vulnerable to this security flaw which Nightwatch has discovered.
At the moment, Google is yet to put out an official statement on this finding. We will update the story accordingly.
Find latest and upcoming tech gadgets online on Tech2 Gadgets. Get technology news, gadgets reviews & ratings. Popular gadgets including laptop, tablet and mobile specifications, features, prices, comparison.