Researchers Fear That Smartphone OEMs Are A Huge Threat To Android Device Owners


Google might have come a long way with implementing robust security features in the company’s Marshmallow update, but the tech giant has a very long way to go before it can deem its platform a secure one. In fact, a group of security researchers are under the impression that while Android needs a bit of tuning when security is concerned, it is smartphone OEMs that present a larger threat to smartphone consumers.

Security Researchers Believe That Heavy Modifications Are The Reason Why Android Devices Are So Vulnerable

A team of researchers recently checked the strength integrity of Android Lollipop 5.0 have concluded that an abundant number of changes are going to have to be introduced if Android is going to be become much more secure in the distant future. Intel, Elena Reshetova and her colleagues from Finland's Aalto have stated the following regarding the security of the platform.

“Starting from the 5.0 Lollipop release all Android processes must be run inside confined SEAndroid access control domains. As a result, Android device manufacturers were compelled to develop SEAndroid expertise in order to create policies for their device-specific components. In this paper we analyse SEAndroid policies from a number of 5.0 Lollipop devices on the market, and identify patterns of common problems we found. We also suggest some practical tools that can improve policy design and analysis. We implemented the fist of such tools, SEAL.”

Improving additional policies would also allow security of Android to thoroughly improve, but the primary issue arises when smartphone OEMs decided to go down their own preferred path and heavily customize the interfaces of Google’s mobile platform. Take Samsung for instance; the South Korean tech firm has been severely criticized of its TouchWiz interface of being too heavy on the device’s resources despite the fact that there are really impressive hardware components incorporated inside the company’s flagship handset family.

As a result of this heavy customization, the researchers state that lots of vulnerabilities will continue to sprout up. While providing security on a software level will obviously take a great deal to accomplish, other manufacturers have taken upon themselves to place in some advanced security measures like iris scanners and voice recognition features (case in point will be UMi iRon Pro, which is going to be the world’s first handset to sport all three security features) in order to give the user a larger degree of comfort.

The only disappointing thing is that we do not see smartphone OEMs moving away from their heavy modifications approach, which only means that Android devices will have newer vulnerabilities that will pop up in the near future. Do you guys think that there can be a suitable alternative for this? Let us know your thoughts.