Millions of Android devices could be vulnerable from the moment they’re taken out of their boxes, thanks to a combination of manufacturer skins and carrier bloatware added to the Android operating system’s firmware.
The news comes from a study by mobile security firm Kryptowire. It tested 10 devices sold across the U.S. by a variety of carriers and discovered that various additions made to the Android operating system by manufacturers and carriers could leave users open to being hijacked and hacked. According to Wired, these vulnerabilities ranged from getting unfettered access to the microphone to being able to completely lock a user out of their phone.
A particularly disturbing example was the Asus ZenFone V Live, which was discovered to have security flaws that could lead to the entire system being taken over. From there, a hacker could take screenshots, screen recordings, tampering with text messages and phone calls, and more. Asus is aware of this issue and is working to seal the hole.
Android’s open-source nature is one of its major strengths, and that accessibility has allowed manufacturers to put their own spins on Google’s operating system, whether that be the light changes made by Motorola, the larger changes made by Samsung, or the vast overhauls made by Huawei to the core Android systems.
While these changes allow each company to use Android while still being individual, tampering with such core code always comes with risks. In addition, having to make big changes to Google’s code often means that vital security patches and major updates can be much slower on phones with significant UI changes. Carrier bloatware — apps added after manufacture by networks — is often unremovable, can also add to security problems if delivered with security issues at the time of release.
In order to avoid possible security issues, it’s best to always make sure your phone is fully up-to-date and only ever install apps from the Google Play Store. Updates can commonly be found in Settings > System > Updates, though that may change from phone to phone. We’ve also put together a guide on how to remove or disable bloatware, as well as some of the best antivirus and security Android apps available, so you can ensure your security is in tip-top shape.
- How to root Android phones or tablets (and unroot them)
- What is Android? All your questions about the operating system answered
- Android 9.0 Pie: Everything you need to know
- Android 8.0 Oreo is now on almost 15 percent of active devices
- When is your phone getting Android 8.0 Oreo? We asked every major manufacturer