Thursday, 10 January 2019

Android Version of Chrome could be leaking your information

Android Version of Chrome could be leaking your information
Android is the most used software system around the world with over 2 billion users worldwide. The immensely popular, Android comes with a number of pre downloaded apps that users can get their hands on after switching on their phones. But now as news of a flaw in the software causes many users to start losing faith in Android, here’s all we know of the problem so far….

The problem has to do with the Android version of Chrome which is the most used browser on Android. Security experts associated with the problem have said that they have found a shock issue relating to the Android version of Chrome.

More on the issue associated with the Android Version of Chrome: 


Experts up at the Nightwatch cybersecurity have said that there is a shock issue with the Android version of Chrome. This issue could potentially lead to the popular browser leaking a phone’s information. Information such as the firmware model of the phone, security patch level and hardware model are all susceptible to the leak.

The Android version Chrome is not the only Google app that comes with such problems. Security experts have also commented on WebView and other Chrome Tabs on Android that too discloses the phones private information.

Any other Android apps running on Chrome to render web content will also be susceptible to the flaw.

What this Flaw on the Android Version of Chrome means for you? 


With the Android version of Chrome be susceptible to leaks, it means that no Android device is really safe. But what all this translates for you is that the information so obtained through the flaw can be used to track users and also fingerprint devices.

Besides this users phones vulnerabilities can also be determined and then used to get further information form the phone. This is not even the main part of the issue here. Experts say that the flaw pertaining to the Android version of Chrome was discovered back in 2015.

What Google did About it? 


As experts submitted the initial report pertaining to the bug back in 2015, Google gave a partial fix only in October 2018 for version 70. The fix is supposed to hide the firmware information and retain the hardware model identifier.

All versions of the app seem to be affected and users are encouraged to update to the latest version.
As for WebView users, this fix is not applicable and app developers should manually override the user agent configuration in their respective apps.

 

Fake apps on the Google Play Store: 


Recently fake apps were discovered on the Google Play Store. These apps have reportedly been downloaded tens and thousands of times. These apps were found on the Google Play Store and hid themselves as PDF readers, scanners and converters.

The apps themselves seem to be genuine but don’t offer the functionality that they were intended for. These apps are meant to increase the download count for other related apps and also to improve their ratings.

No comments:

Post a comment

Note: only a member of this blog may post a comment.