Pre-Installed Apps On Android Smartphones Present Security Issues
If you have an Android smartphone, you’ve probably noticed that there are a number of apps that came pre-loaded on it that you don’t need and don’t use. These apps come from the phone’s manufacturer, but as Liam Tung of ZDNet writes, they may be creating vulnerabilities in your smartphone’s security.
Researchers at North Carolina State University examined pre-installed apps on smartphones made by Google, Samsung, HTC, LG and Sony. Of the 10 devices studied, 86-percent of pre-loaded apps requested more permissions than they actually used. This gives the apps access to data they don’t need, but that data becomes accessible when the app is compromised.
In terms of sheer number of vulnerable, pre-installed apps, the HTC Wildfire S and the Samsung Galaxy S2 had the most of the pre-2012 devices. For post 2012, the Samsung Galaxy S3 contained a stunning 40 vulnerabilities. In contrast, Google’s Nexus 4 only had three vulnerabilities.
Google itself has a good track record for releasing security patches to fix vulnerabilities found on their hardware. However, for individual manufacturers like Samsung, Sony and HTC, these patches take time to roll out to customers. For the devices studied, an average of 6-months is how long it took for an officially released security patch to finally make it to all affected customers. That amount of time leaves a large window for hackers to exploit those vulnerabilities.
Some of these native apps are able to be removed by users, but many others cannot be. This means users stay at risk until an appropriate security patch is released to fix the problem. So, next time you’re in the market for a new Android smartphone, be sure to consider how many pre-installed apps it comes with.
At Geek Rescue, we remove malware, fix broken hardware and improve security on all kinds of devices, including smartphones. Whatever your issue, call us at 918-369-4335 or stop by one of our locations.
November 6th, 2013