Friday, June 19, 2015

Google makes sure his own phone … but not Android – FORTUNE

NEW YORK (CNNMoney) – Google made an aggressive maneuver business.

The technology quickly make their own Nexus phones the most secure and reliable market Android devices. But also it made all the other smartphone Android (Samsung Galaxy, G4 LG, Alcatel OneTouch) more vulnerable to the hackers .

To understand why, consider the painful relationship between Google and device manufacturers like Samsung and US wireless carriers like AT & T, Sprint, T-Mobile and Verizon.

Unlike iPhones, when Google introduces new features and security patches, device manufacturers and phone providers decide when to implement them. Customers hate this highly fragmented system.

Have you ever wondered why Google introduced the new version of Android (Lollipop) in November but several months after you got? Blame the manufacturer of your phone and your phone provider.

The Google Nexus devices receive instant updates. Everyone else has to wait. But now, the wait will be more painful than ever.

This week, Google decided to start Intelligent reward researchers who find defects in the software Android on the Nexus devices and updates immediately sent to Nexus phones and tablets.

This means that for a period after each update, the hackers everywhere will have clues on how hacking than Android phones Nexus.

Google betrayed Android users? is not new pay the hackers to find defects and report them publicly. He is known as program “bug hunters”. Every respectable company makes, including Facebook, Microsoft and others.

Why pay to the hackers to find errors? Because mistakes are valuable and are sold on the black market. Criminals and spies are willing to pay more than $ 20,000 (300,000 pesos) for a mistake never seen before because they use so called Zero days to infiltrate the computers of companies and governments.

This is how cyber-mafias are cast in banks. This is how the US government got into a plant and sabotaged Iran’s nuclear enrichment program in 2009. Zero days are superweapon for hackers.

Google is offering to pay $ 500 (7,500 pesos) for small mistakes, 2,000 (30,000 pesos) for large and 8,000 (about 120,000 dollars) if the researcher also offers the solution.

In general, cyber security experts agree that this transparency makes Android phones safer. But also creates a two-tier system: Nexus is first class and all other devices are trapped in economy. Enjoy your peanuts.

Bugcrowd, a company that runs one of the programs biggest mistakes hunt, described as follows Google’s performance: “Essentially they did attack Zero Day Your Customers “.

Google CNNMoney asked if he had betrayed the 96% of Android users.

In a statement, Google said: “We will work as quickly as possible to provide solutions to all partners, usually within 30 days after work with researchers to report problems to reveal timely information.”.

Why Google did this? Some people believe it is a hint of Google to Samsung, LG and cell phone providers adopt updates faster.

Kymberlee Price, BugCrowd research director, said that “vendors hardware know they have to start taking security updates immediately or lose customers who They are concerned about security. ”

“It’s definitely a move to pressure,” he said. “This could well mean that Google meant that sellers of hardware and not going to limit”.

None of the companies providing cellular commented to CNNMoney. Nor phone manufacturers.

This particularly affects Samsung. Just over half of Android phones are to the company, experts in software AppBrain.

LikeTweet

No comments:

Post a Comment