Google has announced details of a new plan to ensure that Android smartphone manufacturers keep their devices updated – naming and shaming. Yes, a favourite technique of primary school teachers worldwide, the Californian technology firm has confirmed plans to hunt for dangerous bugs in the tweaked versions of Android that ship on devices from manufacturers like Samsung, Huawei and OnePlus.
Google security researchers already scour the version of Android developed by Google, which is available on its own Pixel-branded line of smartphones, as well as any handsets enrolled in the Android One scheme, like Nokia and HTC. However, Samsung, OnePlus and other third-parties will adapt this version of Android for their own devices – adding support for new features, like the folding screen on the Samsung Galaxy Z Fold2, or new designs, like the unique software design of the Sony Xperia range, for example.
Of course, these vast multi-national companies already have security teams of their own hunting for potentially harmful bugs or vulnerabilities in their software that could endanger smartphone owners from malware, phishing or adware. But sometimes, things get missed.
Starting now, Google plans to vet these versions of Android too, sharing anything negative they find publicly – to keep smartphone owners informed about the device in their pocket and spurring manufacturers into action to fix the issues as quickly as possible.
Given the amount of trust we place in our smartphone, saving credit and debit card information, phone numbers, banking apps, private and work emails, calendars with our every appointment, fitness and health data… the list goes on, it’s nice to see that Google will be checking all versions of Android in the near future through the so-called Android Partner Vulnerability Initiative, or APVI for short.
The team has already uncovered and reported a number of vulnerabilities to manufacturers, not all of which have been fixed. Google will always give manufacturers a heads-up about any vulnerabilities before making them public.
However, given the seriousness of some of these vulnerabilities, Google will keep its public bug tracker updated with details on some of these weaknesses after it deems that the smartphone maker has had enough time to resolve the issues. This means smartphone owners can decide whether to remove sensitive payment information or switch to a different device while waiting for a fix.
As it stands, Google has listed a number of issues found in ZTE, Vivo, Oppo and Huawei smartphones. You can find the details here
Published at Tue, 06 Oct 2020 06:31:00 +0000