“3 billion” devices with multiple vulnerabilities that sound like RCE via things like video playback with “fixing them requires a long chain of communication between many vendors, manufacturers and resellers” sounds like a total disaster to me. Many (most?) Android phones in use will never see an update!
“3 billion” devices with multiple vulnerabilities that sound like RCE via things like video playback with “fixing them requires a long chain of communication between many vendors, manufacturers and resellers” sounds like a total disaster to me. Many (most?) Android phones in use will never see an update!
The only way is to buy a phone without Qualcomm processors, that leaves the option of poor Exynos, or the much better Mediatek and Kirin chips.
Yeah, until someone looks at their “security” :D
Well, these Black Hat guys do look at the security of non Qualcomm devices, it seems.
https://github.com/secmob/TiYunZong-An-Exploit-Chain-to-Remotely-Root-Modern-Android-Devices/raw/master/us-20-Gong-TiYunZong-An-Exploit-Chain-to-Remotely-Root-Modern-Android-Devices.pdf
Go to page 5 of PDF