Tag: Flaws

03
Oct
2020
Posted in technology

Google initiative warns of Android security flaws in non-Pixel devices

Google already has efforts to improve Android security, such as speeding updates and offering bug bounties, but it’s now ramping things up by disclosing flaws for software it didn’t write. The company has launched an Android Partner Vulnerability Initiative (via XDA-Developers) to manage security flaws it discovers that are specific to third-party Android devices. Google hopes to both “drive remediation” (read: prompt faster patch releases) and warn users about potential problems.



a hand holding a cellphone: Huawei P30 and P30 Pro running Android


Huawei P30 and P30 Pro running Android

The company added that its initiative had already addressed a number of Android issues. It didn’t mention companies by name in a blog post, but a bug tracker for the program mentioned several manufacturers. Huawei had issues with insecure device backups in 2019, for example. Oppo and Vivo phones had sideloading vulnerabilities. ZTE had weaknesses in its message service and browser autofill. Other affected vendors included Meizu, chip maker MediaTek, Digitime, and Transsion.

Google notified all of the vendors before disclosing the flaws, and most if not all appear to have been fixed.

The move is a reminder to keep your device updated, of course, but it also applies pressure to Android partners — fix your flaws or the public will know that you didn’t. If that works, you’ll hopefully see a stronger emphasis on security across the Android ecosystem, not just from Google itself.

Continue Reading

Source Article

01
Oct
2020
Posted in technology

Huawei Has Failed To Resolve Security Flaws, U.K. Government Report Says

Topline

Huawei has failed to adequately resolve security flaws in the equipment used by the U.K. telecom networks, the British government’s cyber-spy agency said in an official report released a few months after the Chinese telecom equipment-maker was barred from the country’s 5G mobile networks over security concerns.

Key Facts

The report, prepared by a U.K. government board led by a member of the cyber-intelligence agency Government Communications Headquarters (GCHQ) found that there had been no evidence that the Chinese firm has made a significant shift on the matter, the BBC reported.

The report added that while some improvements were made by Huawei, the board could only provide “limited assurance that all risks to UK national security” could be mitigated in the long-term.

The U.K. government had initiated a review of Huawei’s network equipment after the U.S. government issued sanctions against the company in May restricting it from sourcing key components from American suppliers.

Following the sanctions, Britain’s National Cyber Security Centre had determined that Huawei’s equipment could no longer be considered safe as it had to rely on non-US components.

The Trump administration has cracked down on Chinese tech firms over security concerns within the U.S. while also engaging in diplomatic efforts to pressure European governments to bar Huawei devices from being used in their 5G networks.

Big Number

£2 billion. That is how much the ban on Huawei would cost the U.K government, as the move would result in a delay of up to three years in the country’s planned 5G rollout, Culture Secretary Oliver Dowden had told the British parliament.

Tangent

Germany is set to impose new restrictions on telecom equipment providers which would effectively prevent Huawei’s devices from