Tag Archives: android smartphones

Hackers Can Steal Your Passwords Just by Monitoring SmartPhone Sensors

Do you know how many kinds of sensors your smartphone has inbuilt? And what data they gather about your physical and digital activities?

An average smartphone these days is packed with a wide array of sensors such as GPS, Camera, microphone, accelerometer, magnetometer, proximity, gyroscope, pedometer, and NFC, to name a few.

Now, according to a team of scientists from Newcastle University

How to Run Android on your iPhone using this 3D Printed Phone Case

Hackers and geeks always tinkered with their devices, regardless of their operating system, and are always behind the ways to run Android on iPhone, iOS on Android phones, or Dual-Boot iOS and Android together in a single device.

Though there are many solutions available on the Internet to solve these queries, but recently a hardware hacker has demonstrated a new way to run Android OS

Google Android N Preview — 6 Cool Features That You Should Know

Android N Developer Preview, an early beta of Google’s new mobile operating system that was expected to launch on Google I/O in mid-May, is unexpectedly launching right now.

Android N Developer Preview for the Nexus 6P, Nexus 5X, Nexus 6, Pixel C Nexus 9, the Nexus Player and the General Mobile 4G, an Android One device has been made available as an over-the-air update by Google on Wednesday.

Maru OS — Android ROM that Turns into Debian Linux When Connected to a PC

Good News for Linux Techno Freaks! Do you usually mess with your Android smartphone by trying out the continual ins and outs of various apps and custom ROMs?

Then this news would be a perfect pick for you!

What If, you can effectively carry a Linux computer in your pocket?

Hereby introducing a new Android-based Operating system named “Maru OS” that combine the mobility of a

Google Patches Critical Remotely-exploitable Flaws in Latest Android Update

update-android-mobile
Google has released the February Security Update for Android that patches multiple security vulnerabilities discovered in the latest version of Android operating system.
In total, there were five “critical” security vulnerabilities fixed in the release along with four “high” severity and one merely “moderate” issues.

Remote Code Execution Flaw in WiFi

A set of two critical vulnerabilities has been found in the Broadcom WiFi driver that could be exploited by attackers to perform Remote Code Execution (RCE) on affected Android devices when connected to the same network as the attacker.
The vulnerabilities (CVE-2016-0801 and CVE-2016-0802) can be exploited by sending specially crafted wireless control message packets that can corrupt kernel memory, potentially leading to remote code execution at the kernel level.

“These vulnerabilities can be triggered when the attacker and the victim are associated with the same network,” reads the advisory. “This issue is rated as a Critical severity due to the possibility of remote code execution in the context of the kernel without requiring user interaction.”

Remote Code Execution Flaw in Mediaserver

Another set of two critical security vulnerabilities were discovered in Mediaserver that was targeted last summer by critical Stagefright vulnerabilities and exploits, allowing anyone to compromise an Android device by sending just a specially crafted MMS message.
The recently discovered flaws (CVE-2016-0803 and CVE-2016-0804) in Mediaserver could enable remote code execution (RCE) on affected Android devices through email, web browsing, or MMS files when processing media files.
Moreover, a separate vulnerability called elevation of privilege (CVE-2016-0810) was also discovered in Mediaserver that could be exploited to gain elevated capabilities, including Signature or SignatureOrSystem permissions privileges, that aren’t accessible to third-party apps.
Two Elevation of Privilege vulnerabilities has also been found in Qualcomm components: the Qualcomm Performance Module (CVE-2016-0805) and the Qualcomm Wi-Fi Driver (CVE-2016-0806). Both the flaws, rated as critical, leveraged an attacker to launch further attacks.
Another critically rated bug (CVE-2016-0807) discovered in the Debuggerd component could open the door to execute arbitrary code within the device’s root level. Debuggerd is a software tool used for debugging and analyzing Android crashes.

Other high severity bugs include:

  • An elevation of privilege vulnerability in the Android Wi-Fi component
  • A denial-of-service vulnerability in the Minikin library
  • An information disclosure bug in libmediaplayerservice
The final set of vulnerabilities is an Elevation of Privilege flaw in Setup Wizard that could allow a hacker to bypass the Factory Reset Protection and gain access to the affected device.
All the Security patches are currently made available for Nexus devices only. Google also shared the patches with carrier and manufacturer partners on January 4, but users of other Android devices should have to wait until their devices receive an update.
Nexus device users are advised to patch the flaws by flashing their devices to this new build immediately. Users can also wait for the OTA (Over-the-Air) update that will be out in the next week or so.

Hacking Smartphones Running on MediaTek Processors

A dangerous backdoor has been discovered in the MediaTek processor that could be exploited to hack Android devices remotely.

MediaTek is a Taiwan-based hardware company that manufacture hardware chips and processor used in the smartphones and tablets.

The backdoor was discovered by security researcher Justin Case, who already informed MediaTek about the security issue via Twitter, as