Jump to content

Stagefright patch vulnerable to stagefright

jos
By jos
in Tech News
 Share
Posted

Last week Google, Samsung, LG and other major smartphone manufacturers promised to patch the Stagefright vulnerabilities promptly, and some of them have already started to send the fixes over the air. After the patch was sent to the Nexus 5, the researcher managed to create an MP4 file that would bypass the patch, and he received a crash message, which points to some level of success. And need patching

 

One good thing came is another update for Android 4.0 and later versions received support for a security feature called address space layout randomization (ASLR), which makes it much harder for attackers to insert malware into Android devices. but the newly discovered Stagefright needs to be patched again, 

 

Apple, Microsoft and even the fragmented "Linux" ecosystem all have a much better security update model than Android has right now. In the Android ecosystem, the model seems to be companies fixing stuff whenever they feel like it, and if they feel like it. That's a model that certainly can't scale to billions of users -- not without leaving a majority of them always vulnerable to some bug or another.

 

 

There should be a system through which small updates gets installed automatically like in desktop windows..

Source: http://www.tomshardware.com/news/android-update-system-needs-fixing,29848.html

Vote For your Favorite Windows Here

Link to comment
https://linustechtips.com/topic/430083-stagefright-patch-vulnerable-to-stagefright/
Share on other sites
Link to post
Share on other sites
Posted

There should be a system through which small updates gets installed automatically like in desktop windows..

Source: http://www.tomshardware.com/news/android-update-system-needs-fixing,29848.html

there is

it has already been implemented in 5.0

If your grave doesn't say "rest in peace" on it You are automatically drafted into the skeleton war.

Link to post
Share on other sites
Posted

That's just embarrassingly bad. Google needs to do something about updates on Android. An updating system like on Windows would be ideal, but it seems like there is something about phones and other ARM devices which doesn't make it possible.

Cyanogenmod has apparently already patched it though. So at least people running that will be safe (and a few hundred million devices unsafe...).

 

By the way, this security hole seems to exists because of DRM. Just another reason why we need to get rid of the cancer that is DRM.

Link to post
Share on other sites
Posted
  • Author

there is

it has already been implemented in 5.0

It  has not.

Only the web rendering engine used by apps gets updated, if you use google proprietary engine called google web view. 

In Linux desktop even kernels are updated regularly

Vote For your Favorite Windows Here

Link to post
Share on other sites
Posted

My device is immune to stagefright :P Android 5.1.1 (custom ROM) is immune to stagefright.

System Specs:

CPU: Ryzen 7 5800X

GPU: Radeon RX 7900 XT 

RAM: 32GB 3600MHz

HDD: 1TB Sabrent NVMe -  WD 1TB Black - WD 2TB Green -  WD 4TB Blue

MB: Gigabyte  B550 Gaming X- RGB Disabled

PSU: Corsair RM850x 80 Plus Gold

Case: BeQuiet! Silent Base 801 Black

Cooler: Noctua NH-DH15

 

 

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Tech News

×