Results 1 to 14 of 14

Thread: 900 million Qualcomm Android devices vulnerable to attack

  1. #1
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    29,046
    Thanks
    0
    Thanked
    1,868 times in 641 posts

    900 million Qualcomm Android devices vulnerable to attack

    'QuadRooter' vulnerabilities found in newest flagships and even the BlackBerry Priv.
    Read more.

  2. #2
    Senior Member
    Join Date
    Feb 2012
    Location
    Duisburg, Germany
    Posts
    260
    Thanks
    26
    Thanked
    41 times in 37 posts
    • Bambooz's system
      • Motherboard:
      • ASRock Fatal1ty P67 Performance
      • CPU:
      • Core i7 2600k @ 4.8 with Thermalright Macho Rev.2 (BW)
      • Memory:
      • 32GB Crucial Ballistix Sport VLP DDR3-1600
      • Storage:
      • Crucial M4 256GB + 4x2TB WD RE4 + 2x1TB Hitachi 7K1000.D
      • Graphics card(s):
      • MSI Geforce GTX 1080 Gaming X
      • PSU:
      • Seasonic S12-II 430W (no, not a typo)
      • Case:
      • Fractal Design Arc Midi
      • Operating System:
      • Windows 7 Ultimate 64 Bit
      • Monitor(s):
      • Samsung S27D850T (27" 1440p) + Samsung 2333T (23" 1080p)
      • Internet:
      • VDSL 100/40mbps

    Re: 900 million Qualcomm Android devices vulnerable to attack

    Clickbait title deluxe (like everywhere else really). Blowing up "there's an option to root your phone" to "900 million devices vulnerable/exploitable" .. jeez
    Worst thing is that there's a fix, meaning that a bunch of phones will lose one (or in some cases the only) way to get root to get rid of manufacturer preinstalled garbage. nice...

  3. #3
    Senior Member
    Join Date
    Sep 2012
    Posts
    268
    Thanks
    1
    Thanked
    14 times in 12 posts

    Re: 900 million Qualcomm Android devices vulnerable to attack

    Installed on my rooted Galaxy S7, no quadrooter vuln found

  4. #4
    Senior Member
    Join Date
    Jun 2004
    Location
    Kingdom of Fife (Scotland)
    Posts
    4,991
    Thanks
    393
    Thanked
    220 times in 190 posts
    • crossy's system
      • Motherboard:
      • ASUS Sabertooth X99
      • CPU:
      • Intel 5830k / Noctua NH-D15
      • Memory:
      • 32GB Crucial Ballistix DDR4
      • Storage:
      • 500GB Samsung 850Pro NVMe, 1TB Samsung 850EVO SSD, 1TB Seagate SSHD, 2TB WD Green, 8TB Seagate
      • Graphics card(s):
      • Asus Strix GTX970OC
      • PSU:
      • Corsair AX750 (modular)
      • Case:
      • Coolermaster HAF932 (with wheels)
      • Operating System:
      • Windows 10 Pro 64bit, Ubuntu 16.04LTS
      • Monitor(s):
      • LG Flattron W2361V
      • Internet:
      • VirginMedia 200Mb

    Re: 900 million Qualcomm Android devices vulnerable to attack

    Erm, as a Samsung S7 Edge user I thought it was only the US versions that were "Qualcomm Inside", the rest (like mine) use Exynos. Still the warning was handy because there's a G4 and a 5X in the house. Thanks!

    Career status: still enjoying my new career in DevOps, but it's keeping me busy...

  5. #5
    Registered+
    Join Date
    Oct 2015
    Posts
    53
    Thanks
    5
    Thanked
    0 times in 0 posts

    Re: 900 million Qualcomm Android devices vulnerable to attack

    Article would be much more interesting and worth reading if you would include how that vulnerability is working...

  6. #6
    Senior Member
    Join Date
    Aug 2009
    Location
    UK
    Posts
    376
    Thanks
    14
    Thanked
    18 times in 15 posts
    • Jace007's system
      • CPU:
      • Intel i7 7700k
      • Memory:
      • 16GB
      • Storage:
      • 500GB SSD
      • Graphics card(s):
      • nVidia 1080
      • PSU:
      • EVGA 750w
      • Operating System:
      • WinLOW

    Re: 900 million Qualcomm Android devices vulnerable to attack

    Checkpoint being an Israeli company i wouldn't be surprised they pushed this out, just so more people load Checkpoints own spyware crap onto their mobiles, just scare mongering

  7. #7
    The late but legendary peterb - Onward and Upward peterb's Avatar
    Join Date
    Aug 2005
    Location
    Looking down & checking on swearing
    Posts
    19,381
    Thanks
    2,892
    Thanked
    3,403 times in 2,693 posts

    Re: 900 million Qualcomm Android devices vulnerable to attack

    (\__/)
    (='.'=)
    (")_(")

    Been helped or just 'Like' a post? Use the Thanks button!
    My broadband speed - 750 Meganibbles/minute

  8. Received thanks from:

    [DW]Cougho (10-08-2016)

  9. #8
    Senior Member
    Join Date
    Aug 2003
    Location
    Edinburgh
    Posts
    594
    Thanks
    4
    Thanked
    11 times in 10 posts

    Re: 900 million Qualcomm Android devices vulnerable to attack

    My Nexus 6 Got a OS patch last night funny enough... I wonder if that was google fixing it?

    EDIT: Should have read that link from ComputerWorld, talk about talking up nothing.
    Last edited by Defiant; 10-08-2016 at 12:24 PM.

  10. #9
    Member
    Join Date
    Apr 2012
    Posts
    195
    Thanks
    0
    Thanked
    11 times in 11 posts

    Re: 900 million Qualcomm Android devices vulnerable to attack

    Another vulnerability related to Android, who'd have thought that would happen.... er again

    .... and again...

    ... and again

    Well at least this one was brought out for the latest hardware this time!!

  11. #10
    Gentoo Ricer
    Join Date
    Jan 2005
    Location
    Galway
    Posts
    11,039
    Thanks
    1,014
    Thanked
    944 times in 704 posts
    • aidanjt's system
      • Motherboard:
      • Asus Strix Z370-G
      • CPU:
      • Intel i7-8700K
      • Memory:
      • 2x8GB Corsiar LPX 3000C15
      • Storage:
      • 500GB Samsung 960 EVO
      • Graphics card(s):
      • EVGA GTX 970 SC ACX 2.0
      • PSU:
      • EVGA G3 750W
      • Case:
      • Fractal Design Define C Mini
      • Operating System:
      • Windows 10 Pro
      • Monitor(s):
      • Asus MG279Q
      • Internet:
      • 240mbps Virgin Cable

    Re: 900 million Qualcomm Android devices vulnerable to attack

    A 60MB patch just came in for my OnePlus One, I assume this is what it fixes.
    Quote Originally Posted by Agent View Post
    ...every time Creative bring out a new card range their advertising makes it sound like they have discovered a way to insert a thousand Chuck Norris super dwarfs in your ears...

  12. #11
    Registered+
    Join Date
    Aug 2016
    Posts
    20
    Thanks
    0
    Thanked
    2 times in 2 posts

    Re: 900 million Qualcomm Android devices vulnerable to attack

    There will always be security holes in Android devices due to it being so open. Just get an iPhone and be done with it

  13. #12
    Banhammer in peace PeterB kalniel's Avatar
    Join Date
    Aug 2005
    Posts
    29,230
    Thanks
    1,526
    Thanked
    2,945 times in 2,386 posts
    • kalniel's system
      • Motherboard:
      • Gigabyte X58A UD3R rev 2
      • CPU:
      • Intel Xeon X5680
      • Memory:
      • 12gb DDR3 2000
      • Graphics card(s):
      • nVidia GTX 1060 6GB
      • PSU:
      • Seasonic 600W
      • Case:
      • Cooler Master HAF 912
      • Operating System:
      • Win 10 Pro x64
      • Monitor(s):
      • Dell U2311H
      • Internet:
      • O2 8mbps

    Re: 900 million Qualcomm Android devices vulnerable to attack

    Quote Originally Posted by jfell View Post
    There will always be security holes in Android devices due to it being so open. Just get an iPhone and be done with it
    Does closed software have fewer holes, or just holes which remain open for longer?

  14. #13
    The late but legendary peterb - Onward and Upward peterb's Avatar
    Join Date
    Aug 2005
    Location
    Looking down & checking on swearing
    Posts
    19,381
    Thanks
    2,892
    Thanked
    3,403 times in 2,693 posts

    Re: 900 million Qualcomm Android devices vulnerable to attack

    Quote Originally Posted by jfell View Post
    There will always be security holes in Android devices due to it being so open. Just get an iPhone and be done with it
    A. Ignoring the fact that iOS is based on open source BSD UNIX?

    B. Why should closed source be inherently more secure than open source?

    C. What do you mean by 'secure'?

    I would point out that the Enhance Security Linux (Linus SE, open source) is (AFAIK) the only operating system that offers true multilevel security.
    (\__/)
    (='.'=)
    (")_(")

    Been helped or just 'Like' a post? Use the Thanks button!
    My broadband speed - 750 Meganibbles/minute

  15. #14
    Senior Member watercooled's Avatar
    Join Date
    Jan 2009
    Posts
    10,879
    Thanks
    1,503
    Thanked
    936 times in 806 posts

    Re: 900 million Qualcomm Android devices vulnerable to attack

    Quote Originally Posted by jfell View Post
    There will always be security holes in Android devices due to it being so open. Just get an iPhone and be done with it
    Maybe now is a good time to mention the bug was in a piece of closed-source software from Qualcomm?

    But that's besides the point - closed vs open is irrelevant when it comes to security holes as above. The source code of closed-source software isn't visible to as many people (hence the name) so in theory there aren't as many people looking at said code for bugs. Is that a good thing? People either side of the fence will vehemently disagree over this, but here are the points you have to consider:

    Not as easy for researchers to look for bugs and correct them, vs less for people with malicious intent to work with.
    Even without the source (as is the case here), bugs can be found and exploited, and unless someone publishes their findings, we have a zero-day.
    With closed-source, there's also a greater risk of the developer surreptitiously inserting malicious code or just not bothering to patch known holes - these are also potentially exploitable, so you need to have a greater degree of trust in the developer with closed-source.

    Neither closed nor open source code is inherently more secure; and neither is a substitute for well-written and audited code.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •