Skip to main content

Don’t panic, but a bug in Linux is leaving 80% of all Android users open to hacks

google android choice at every turn nougat
Image used with permission by copyright holder
Another month, another large-scale Android vulnerability. A massive 80 percent of Android users have been left open to hacks that could result in hackers being able to gather information such as usernames and passwords.

The recently discovered vulnerability basically allows hackers to end connections, and if those connections aren’t encrypted, they can inject malicious code into communications between the two users, according to security firm Lookout.

According to Ars Technica, the flaw was originally found in Linux 3.6, which was introduced way back in 2012. That version of Linux was introduced into Android 4.4 KitKat, and is present in all versions of Android after KitKat, including Android Nougat, the latest version of Android. That means that a hefty 80 percent of users, or around 1.4 billion users, are open to the hack. As Ars Technica notes, a way that hackers could take advantage of the flaw is to insert code into internet traffic that displays a message saying that you have been logged out of an account and prompting you to log in again. Once you’ve inputted your username and password, the hackers can use that information for themselves.

“The issue should be concerning to Android users as attackers are able to execute this spying without traditional ‘man-in-the-middle’ attacks through which they must compromise the network in order to intercept the traffic,” said Andrew Blaich in a blog post for Lookout.

It’s important to note that the flaw goes beyond Android — it was introduced in the Linux kernel, which means that any software based on Linux could be open to it.

According to Google, engineers are aware of the flaw and are working on a way to patch it — so while it does appear in the latest version of Android, Android 7.0 Nougat, it’s likely we’ll see a patched version of the operating system once it’s finally released to the public.

Christian de Looper
Christian’s interest in technology began as a child in Australia, when he stumbled upon a computer at a garage sale that he…
Don’t pay the Verizon 5G tax for the Google Pixel 4a 5G
Google Pixel 4A 5G

Interested in picking up the new Google Pixel 4a 5G? You're not alone. With a relatively powerful chipset, incredible camera, and more, the device is shaping up to be one of the best devices available for under $500 this year.

Unless you're a Verizon customer.

Read more
4 things I love about the Pixel 4a, and 1 thing I don’t
google pixel 4a best features 01

When the Google Pixel 4a was announced with its brain-busting low price of $349, I wondered whether it's features would be amazing enough to be called Google-worthy. I also dreaded the compromises that could reduce the price to a point so low it might entice us out of hiding.

The Google Pixel 3a kept most of the camera quality from its more expensive siblings, so I certainly hoped that a cheaper Pixel would retain the famous photo capabilities. I was not disappointed, and though the Pixel 4a arrived with its own set of compromises, I found much to like. I also found one sad omission that could be a deal-breaker for some people.
Things I love about the Pixel 4a

Read more
On Pixel 4 battery, Google’s various teams don’t see pixel-to-pixel
Pixel 4 XL iPhone 11 Pro Samsung Galaxy Note 10 Plus

Despite all its machine learning prowess, Google doesn't learn.

Look at my Google Pixel phone reviews, from the original in 2016 and the Pixel 2 in 2017 to the Pixel 3 XL and the latest Pixel 4 XL: You'll notice the constant pain point in every review has been battery life. How is this a hard problem to solve?

Read more