• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • Home
  • Write for Us
  • Contact
  • Advertise
  • Cookie Policy
    • Privacy statement (CA)
    • Cookie policy (CA)
    • Privacy statement (UK)
    • Cookie policy (UK)
    • Privacy statement (US)
    • Do Not Sell My Personal Information
    • Privacy statement (EU)
    • Cookie policy (EU)
    • Disclaimer

TechWalls

Technology News | Gadget Reviews | Tutorials

  • Reviews
  • Tech News
  • Tech Guide
  • Gadget & Apps

Researchers find security flaw across Android, Windows and iOS

Updated on Aug 23, 2014 by Guest Authors

It has been usual that a certain security flaw hits only a single operating system at a time, but a new finding from researchers the University of California and University of Michigan show a massive vulnerability across the Android, Windows, and iOS operating systems.

This means millions of apps within those ecosystems could potentially be exposed to compromises if left unattended. That’s in addition to the risks that might lead to data theft if attackers maneuver malicious apps.

security-flaw

Although the researchers performed the security tests on an Android-based mobile device, they also found that the attack method applies to the Windows Phone and iOS operating systems. The commonality of the attack method on all platforms could be attributed to the ability of the apps to gain entry into a mobile device to collect sensitive information of the shared memory.

A common scenario was employed by the researchers to see how the attack works. First, a user downloaded a random app, say desktop background photo. Then the researchers exploited the public side channel, which represents the shared memory of the download. This shared memory is found to be accessible even with a lack of app privileges.

The researchers then kept track of the shared memory to tie in the changes with the transition of the activity. This monitors every event that a user performs on an app. So when a user logs in to Gmail or an online bank account, there is a good chance that the details of that activity has been monitored.

For the attack to push through, certain requirements must be met. One, attackers should perform the attack in real time to catch the moment when a potential victim logs in to an online account in social media or productivity software tools. Then the attacker should see to it that the hack is hidden from the radar of the user by doing it at the right time.

The researchers found that this method proved successful during their tests most of the time. They were also able to perform the test hack successfully on Gmail. However, the method failed most of the time when tested on Amazon. That is so because of the system’s smooth transition of activities from one event to another, therefore creating hard timing for attackers to pull off a hack.

Again, timing is key here for the hacker. So it can be said that Android makes it easy for attackers to perform the attack because of the ease with which the timing of the attack could done on this platform.

Users of this platform are advised not to install apps from third-party stores.

Disclosure: As an Amazon Associate, I earn from qualifying purchases. The commission help keep the rest of my content free, so thank you!

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Footer

Keychron K4 Wireless Mechanical Keyboard Review – The Biggest & The Best?

Keychron K6 Wireless Mechanical Keyboard Review – Nice Balance Between Design and Function

AuthenTrend AT.Wallet Fingerprint Cryptocurrency Wallet Review – The Coolest One You Can Buy

Yeedi K650 Robot Vacuum Review – A Good Basic Vacuum

Follow TechWalls

YoutubeFacebookTwitterInstagram

Recent Posts

  • Samsung Galaxy S21 Ultra Model Number SM-G998* Differences
  • Samsung Galaxy S21+ 5G Model Number SM-G996* Differences
  • Samsung Galaxy S21 5G Model Number SM-G991* Differences
  • How to Read and Write to NTFS Drives on Apple M1 Mac?

Copyright © 2021 · All Rights Reserved