Over a billion devices on Android are at risk of being compromised due to outdated security mechanisms. This was reported by researchers at the British consumer magazine “Which?” They analyzed the market situation and found that 40% of users – which means almost one in two – no longer receive security updates because their devices are running outdated versions of the operating system. But there are also those who are entitled to patches, but in reality they do not reach them, expanding the circle of potential victims of hacker attacks even more.
40% Android – smartphones do not receive security updates and this is a problem. True, not for everyone
What hackers can do with a smartphone
Hacking a smartphone based on the old version Android allows vulnerabilities that are exposed in the operating system. Because Google stops supplying them with security updates that fix these kinds of flaws, these devices are becoming easy money for attackers.
With the proper skill, hackers can take control of the device, steal data from memory, make calls, read SMS messages and even send them on their own, not to mention reading keystrokes, which makes it possible to reveal passwords to the accounts used.
Can you hack Android
All older smartphones that are no longer updated have vulnerabilities. Deal with it
Researchers “Which?” sent the findings to Google, but the company firmly denied the magazine's accusations. According to representatives of the search giant, the numbers that appear in the report “Which?” are greatly exaggerated, because, according to information from the order of the company itself, at the moment we can talk about a maximum of several million devices. Indeed, this is still a large figure, but Google assures that these are versions that are not officially updated.
It turns out that the researchers of Which? express their indignation at the fact that there are a huge number of devices on the market whose owners are not protected from hacker attacks. Google, for its part, appeals to the fact that devices that are no longer supported for a long time are at risk. So who's right?
I prefer to side with Google in this debate for several reasons. Firstly, she is not responsible for supporting devices on Android, but their manufacturers. Google only releases updates that vendors are free to adapt or not, which is most often the case. Secondly, for some reason, no one makes Apple claims for vulnerabilities in iOS 6. Yes, iOS 6 came out almost 10 years ago, but we remember that Google has a completely different approach to support.
Who is eligible for security updates
I think you remember that about half a year ago I bought my Honor View 20, which at that time was the company's flagship Honor, but after just a couple of months I was left without updates. It would seem that the device is still relevant and even claims to be Android 11, but for some reason it was deprived of security patches.
Why this happens is not known exactly, but there are probably a great many like me. It's just that the manufacturers for the most part, having sold the device, successfully forget about it, because the adaptation of updates takes time, effort and money, but it does not bring any exhaust.
How to protect Android from hacking
Even a new smartphone does not guarantee you that the manufacturer will support it.
So what should you do? I recommend just following my example, namely, to relax. Despite the fact that there have always been vulnerabilities in smartphones and are unlikely to go anywhere in the future, because they are contained not only in the operating system, which can still be patched, but also in processors and other hardware.
Remember the unrecoverable Specter and Meltdown vulnerabilities that everyone was running around with a couple of years ago? So today, many do not even remember them, because they do not observe real problems in their lives from their presence.
Malicious applications for Android
And there are no problems, because in order for a hacker to decide to exploit a vulnerability specifically against you, you have to be something. For example, being the founder of the world's largest online trading network or an Arab sheikh. Otherwise, no one will specifically hunt you, because it is too expensive.
Better, an attacker would write a spyware program and release it on the Internet, from where someone will probably download it, and then give it all the privileges so that you can collect logins, passwords, and anything else. Therefore, first of all, you should be afraid of your own negligence, but not vulnerabilities.