Results 1 to 14 of 14

Thread: 900 million Qualcomm Android devices vulnerable to attack

  1. #1
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    31,709
    Thanks
    0
    Thanked
    2,073 times in 719 posts

    900 million Qualcomm Android devices vulnerable to attack

    'QuadRooter' vulnerabilities found in newest flagships and even the BlackBerry Priv.
    Read more.

  2. #2
    Senior Member
    Join Date
    Feb 2012
    Location
    Duisburg, Germany
    Posts
    286
    Thanks
    33
    Thanked
    46 times in 41 posts
    • Bambooz's system
      • Motherboard:
      • Asus ROG Strix X470-F
      • CPU:
      • Ryzen 7 3700X + AnfiTec Drei
      • Memory:
      • 64GB Crucial Ballistix Sport LT (E-Die) DDR4-3200 @ 3600
      • Storage:
      • Samsung SM961 (= 960 Pro) 512GB NVMe (OS) + 2TB Micron 1300 (games) + 2x 8TB WD Red (cold storage)
      • Graphics card(s):
      • MSI Geforce GTX 1080 Gaming X 8GB (under EK Fullcover block)
      • PSU:
      • Seasonic Platinum Fanless 520W (SS-520FL2)
      • Case:
      • Fractal Design Arc XL
      • Operating System:
      • Win 10 LTSC 2019
      • Monitor(s):
      • Samsung S27D850T (27" 1440p) + 2x Samsung 2333T (23" 1080p)
      • Internet:
      • VDSL 100/40mbps

    Re: 900 million Qualcomm Android devices vulnerable to attack

    Clickbait title deluxe (like everywhere else really). Blowing up "there's an option to root your phone" to "900 million devices vulnerable/exploitable" .. jeez
    Worst thing is that there's a fix, meaning that a bunch of phones will lose one (or in some cases the only) way to get root to get rid of manufacturer preinstalled garbage. nice...

  3. #3
    Senior Member
    Join Date
    Sep 2012
    Posts
    268
    Thanks
    1
    Thanked
    14 times in 12 posts

    Re: 900 million Qualcomm Android devices vulnerable to attack

    Installed on my rooted Galaxy S7, no quadrooter vuln found

  4. #4
    Senior Member
    Join Date
    Jun 2004
    Location
    Kingdom of Fife (Scotland)
    Posts
    4,991
    Thanks
    393
    Thanked
    220 times in 190 posts
    • crossy's system
      • Motherboard:
      • ASUS Sabertooth X99
      • CPU:
      • Intel 5830k / Noctua NH-D15
      • Memory:
      • 32GB Crucial Ballistix DDR4
      • Storage:
      • 500GB Samsung 850Pro NVMe, 1TB Samsung 850EVO SSD, 1TB Seagate SSHD, 2TB WD Green, 8TB Seagate
      • Graphics card(s):
      • Asus Strix GTX970OC
      • PSU:
      • Corsair AX750 (modular)
      • Case:
      • Coolermaster HAF932 (with wheels)
      • Operating System:
      • Windows 10 Pro 64bit, Ubuntu 16.04LTS
      • Monitor(s):
      • LG Flattron W2361V
      • Internet:
      • VirginMedia 200Mb

    Re: 900 million Qualcomm Android devices vulnerable to attack

    Erm, as a Samsung S7 Edge user I thought it was only the US versions that were "Qualcomm Inside", the rest (like mine) use Exynos. Still the warning was handy because there's a G4 and a 5X in the house. Thanks!

    Career status: still enjoying my new career in DevOps, but it's keeping me busy...

  5. #5
    Registered+
    Join Date
    Oct 2015
    Posts
    53
    Thanks
    5
    Thanked
    0 times in 0 posts

    Re: 900 million Qualcomm Android devices vulnerable to attack

    Article would be much more interesting and worth reading if you would include how that vulnerability is working...

  6. #6
    Senior Member
    Join Date
    Aug 2009
    Location
    UK
    Posts
    431
    Thanks
    20
    Thanked
    33 times in 27 posts
    • Jace007's system
      • CPU:
      • Intel i7 7700k
      • Memory:
      • 16GB
      • Storage:
      • 500GB SSD
      • Graphics card(s):
      • nVidia 1080
      • PSU:
      • EVGA 750w
      • Operating System:
      • WinLOW

    Re: 900 million Qualcomm Android devices vulnerable to attack

    Checkpoint being an Israeli company i wouldn't be surprised they pushed this out, just so more people load Checkpoints own spyware crap onto their mobiles, just scare mongering

  7. #7
    The late but legendary peterb - Onward and Upward peterb's Avatar
    Join Date
    Aug 2005
    Location
    Looking down & checking on swearing
    Posts
    19,378
    Thanks
    2,892
    Thanked
    3,403 times in 2,693 posts

    Re: 900 million Qualcomm Android devices vulnerable to attack

    (\__/)
    (='.'=)
    (")_(")

    Been helped or just 'Like' a post? Use the Thanks button!
    My broadband speed - 750 Meganibbles/minute

  8. Received thanks from:

    [DW]Cougho (10-08-2016)

  9. #8
    Senior Member
    Join Date
    Aug 2003
    Location
    Edinburgh
    Posts
    594
    Thanks
    4
    Thanked
    11 times in 10 posts

    Re: 900 million Qualcomm Android devices vulnerable to attack

    My Nexus 6 Got a OS patch last night funny enough... I wonder if that was google fixing it?

    EDIT: Should have read that link from ComputerWorld, talk about talking up nothing.
    Last edited by Defiant; 10-08-2016 at 12:24 PM.

  10. #9
    Member
    Join Date
    Apr 2012
    Posts
    195
    Thanks
    0
    Thanked
    11 times in 11 posts

    Re: 900 million Qualcomm Android devices vulnerable to attack

    Another vulnerability related to Android, who'd have thought that would happen.... er again

    .... and again...

    ... and again

    Well at least this one was brought out for the latest hardware this time!!

  11. #10
    Gentoo Ricer
    Join Date
    Jan 2005
    Location
    Galway
    Posts
    11,048
    Thanks
    1,016
    Thanked
    944 times in 704 posts
    • aidanjt's system
      • Motherboard:
      • Asus Strix Z370-G
      • CPU:
      • Intel i7-8700K
      • Memory:
      • 2x8GB Corsiar LPX 3000C15
      • Storage:
      • 500GB Samsung 960 EVO
      • Graphics card(s):
      • EVGA GTX 970 SC ACX 2.0
      • PSU:
      • EVGA G3 750W
      • Case:
      • Fractal Design Define C Mini
      • Operating System:
      • Windows 10 Pro
      • Monitor(s):
      • Asus MG279Q
      • Internet:
      • 240mbps Virgin Cable

    Re: 900 million Qualcomm Android devices vulnerable to attack

    A 60MB patch just came in for my OnePlus One, I assume this is what it fixes.
    Quote Originally Posted by Agent View Post
    ...every time Creative bring out a new card range their advertising makes it sound like they have discovered a way to insert a thousand Chuck Norris super dwarfs in your ears...

  12. #11
    Registered+
    Join Date
    Aug 2016
    Posts
    21
    Thanks
    0
    Thanked
    2 times in 2 posts

    Re: 900 million Qualcomm Android devices vulnerable to attack

    There will always be security holes in Android devices due to it being so open. Just get an iPhone and be done with it

  13. #12
    Banhammer in peace PeterB kalniel's Avatar
    Join Date
    Aug 2005
    Posts
    30,945
    Thanks
    1,845
    Thanked
    3,356 times in 2,698 posts
    • kalniel's system
      • Motherboard:
      • Gigabyte Z390 Aorus Ultra
      • CPU:
      • Intel i9 9900k
      • Memory:
      • 32GB DDR4 3200 CL16
      • Storage:
      • 1TB Samsung 970Evo+ NVMe
      • Graphics card(s):
      • nVidia GTX 1060 6GB
      • PSU:
      • Seasonic 600W
      • Case:
      • Cooler Master HAF 912
      • Operating System:
      • Win 10 Pro x64
      • Monitor(s):
      • Dell S2721DGF
      • Internet:
      • rubbish

    Re: 900 million Qualcomm Android devices vulnerable to attack

    Quote Originally Posted by jfell View Post
    There will always be security holes in Android devices due to it being so open. Just get an iPhone and be done with it
    Does closed software have fewer holes, or just holes which remain open for longer?

  14. #13
    The late but legendary peterb - Onward and Upward peterb's Avatar
    Join Date
    Aug 2005
    Location
    Looking down & checking on swearing
    Posts
    19,378
    Thanks
    2,892
    Thanked
    3,403 times in 2,693 posts

    Re: 900 million Qualcomm Android devices vulnerable to attack

    Quote Originally Posted by jfell View Post
    There will always be security holes in Android devices due to it being so open. Just get an iPhone and be done with it
    A. Ignoring the fact that iOS is based on open source BSD UNIX?

    B. Why should closed source be inherently more secure than open source?

    C. What do you mean by 'secure'?

    I would point out that the Enhance Security Linux (Linus SE, open source) is (AFAIK) the only operating system that offers true multilevel security.
    (\__/)
    (='.'=)
    (")_(")

    Been helped or just 'Like' a post? Use the Thanks button!
    My broadband speed - 750 Meganibbles/minute

  15. #14
    Senior Member watercooled's Avatar
    Join Date
    Jan 2009
    Posts
    11,474
    Thanks
    1,541
    Thanked
    1,029 times in 872 posts

    Re: 900 million Qualcomm Android devices vulnerable to attack

    Quote Originally Posted by jfell View Post
    There will always be security holes in Android devices due to it being so open. Just get an iPhone and be done with it
    Maybe now is a good time to mention the bug was in a piece of closed-source software from Qualcomm?

    But that's besides the point - closed vs open is irrelevant when it comes to security holes as above. The source code of closed-source software isn't visible to as many people (hence the name) so in theory there aren't as many people looking at said code for bugs. Is that a good thing? People either side of the fence will vehemently disagree over this, but here are the points you have to consider:

    Not as easy for researchers to look for bugs and correct them, vs less for people with malicious intent to work with.
    Even without the source (as is the case here), bugs can be found and exploited, and unless someone publishes their findings, we have a zero-day.
    With closed-source, there's also a greater risk of the developer surreptitiously inserting malicious code or just not bothering to patch known holes - these are also potentially exploitable, so you need to have a greater degree of trust in the developer with closed-source.

    Neither closed nor open source code is inherently more secure; and neither is a substitute for well-written and audited code.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •