p*******m 发帖数: 20761 | 1 果鸡万岁
The Consumentenbond accuses Samsung of unfair trade practices, claiming that
the company does not explicitly mention for how long customers should
expect to receive software updates. Furthermore, Samsung is also blamed for
not being transparent regarding critical security updates, such as the one
required to fix the Stagefright exploits. The watchdog remarks that it is
only focusing on Samsung first due to the manufacturer's firm grip over the
local market, as other manufacturers are also guilty of the same practices.
According to the agency's own research, 82% of the Samsung phones examined "
had not been provided with the latest Android version in the two years after
being introduced".
At this point, we should mention that these are valid claims. Samsung, like
most other Android manufacturers, does not provide timely updates to all of
its devices. Sure, the Galaxy S6 series has received timely Stagefright
patches, but the manufacturer largely remained silent when it comes to
Stagefright fixes for its vast array of mid-range and entry-level devices.
Furthermore, none of Samsung's devices currently runs Android 6.0
Marshmallow, three months after the OS officially launched.
In the light of these accurate claims, what the Consumentenbond is demanding
might be an overreach. The consumer protection agency has requested that
Samsung updates all of its smartphones to the latest version of Android for
two years since the handset is purchased (not launched) and in less than
four weeks following code availability from Google.
In some ways, the Consumentenbond is demanding smartphone makers to treat
software updates like part of the warranty, which has its length mandated at
two years in the European Union.
While we would surely love to see it happening, such an obligation would
create a lot of problems for smartphone makers since they would have to
offer timely software updates for about four years (based on an average two-
year shelf life for most smartphones) for each smartphone. For the moment,
we'll fill this one under our "desirable but not likely" folder.
What do you guys think, wouldn't you love it if smartphone makers were
forced to offer timely software updates for two years after you've purchased
a handset? | p*******m 发帖数: 20761 | 2 Linux内核存缺陷:66%安卓设备面临受攻击风险
2016-01-20 09:47:24 1607 次阅读 0 次推荐 稿源:凤凰科技 9 条评论
Google Android
据科技网站Ars Technica报道,过去约3年,数以千万计运行Linux内核的设备一直存在
一处权限提升缺陷。预计主要Linux发行商将于本周修复该缺陷,但由于为Android手机
和嵌入式设备发布更新包相当困难,许多人未来数月或数年仍将面临受到攻击的风险。
这一缺陷出现在2013年初发布的3.8版Linux内核中。安全厂商Perception Point研究人
员发现了该缺陷,并报告给Linux内核维护团队。
在服务器上,具有本地访问权限的黑客可以利用该缺陷获得最高权限;在运行KitKat及
更高版本Android的智能手机上,恶意应用可以破坏正常安全机制,访问操作系统底层
功能;嵌入式Linux设备也存在安全风险。
Perception Point研究人员称,“截至披露当天,该缺陷影响数千万台Linux PC、服务
器,以及66%的Android设备(手机/平板电脑)。尽管我们和Linux内核安全团队尚未监测
到利用该缺陷的攻击活动,建议相关厂商尽快为不安全设备发布补丁软件。”
虽然多年来黑客一直把Windows作为主要攻击目标,但他们似乎也越来越关注其他操作
系统了。 |
|