Is your Android device secure from vulnerabilities, hacks, and exploits? Mine wasn’t. You should check your Android too for vulnerability with the VTS for Android app by NowSecure. This app checks and scans for possible vulnerabilities on your Android device.
How does VTS for Android app works?
The VTS for Android is an open source vulnerability tester that screens your Android device for weak spots that can allow hackers to access sensitive data on your Android device. Upon launching the app, you will see some device info above such as the device brand and kernel version. To begin scanning, tap the button located at the bottom-right corner of the screen.
The app will scan your Android device and show you a list of known vulnerabilities. You’ll know if your device is vulnerable to a specific threat if you find the word “Vulnerable” in red font beside the identified vulnerability. You can tap “Show Details” to know more about the threat and if a patch has been released to fix the issue.
What to do if the app detects a vulnerability?
The VTS for Android app is designed to test and identify vulnerabilities on your Android device. Aside from that, you can also export or share your results to researchers so that they can help build a patch and fix the identified vulnerability.
And that’s pretty much what you can do with the app. You can’t fix those vulnerabilities with the app or on your own unless you are an Android developer who is familiar in compiling and know how the Android system works.
It’s a sad fact that most users are at the mercy of device manufacturer. We can only wait for Android device manufacturers like HTC, Samsung and Motorola to acknowledge such vulnerabilities and to send updates and patches for your device, which usually take months or years before it arrives in our Android device. You are lucky if you receive an update for your device. Others have not received any important updates for their device for years, putting their sensitive data on their devices at risk from hackers.
And that’s pretty much what you can do with the app. You can’t fix those vulnerabilities with the app or on your own unless you are an Android developer who is familiar in compiling and know how the Android system works.
It’s a sad fact that most users are at the mercy of device manufacturer. We can only wait for Android device manufacturers like HTC, Samsung and Motorola to acknowledge such vulnerabilities and to send updates and patches for your device, which usually take months or years before it arrives in our Android device. You are lucky if you receive an update for your device. Others have not received any important updates for their device for years, putting their sensitive data on their devices at risk from hackers.
If you have found vulnerabilities on your devices by using the VTS app, NowSecure suggests doing the following:
- Keep your devices updated - updating your device resolves previous vulnerabilities identified from the previous software build. Update your device as soon as your phone or tablet buzzes you that an update is available for download.
- Use a highly supported device - the Nexus devices are one of the first devices to receive updates directly from Google so a possible threat can be fixed sooner than on OEM devices. Also, take note that older devices receive less update than those devices which are new to the market.
- Use devices with few added features, bloatware and other gimmickry - added features, apps, and bloatware may be used by hackers to gain access to your device. As much as possible, invest on a device with a few added features and bloatware such as the Google Nexus line.
- Flash a custom ROM - If added features and bloatware can’t be avoided on your Android devices, flash a custom ROM. Doing so will remove all added features and replace it into a vanilla Android flavored ROM. But don’t just pick any custom ROM. Pick a custom ROM which is actively supported by developers and receives frequent updates such as the CyanogenMod ROM.
- Spread the word - tell your friends about the possible threat on their Android devices and share your results to researchers so they can build a fix. You can also file a report to OEM Manufacturers about the possible threat on your device. The more reports companies receive, the higher the chance that they will be pressured to act on the problem and find a fix for it.
I also tested the app on my Android tablet running a CyanogenMod ROM and only got 1 possible vulnerability. My HTC phone running a stock HTC ROM got more hits than on my tablet which is running a custom ROM.
Getting informed is better than knowing nothing at all. Try the VTS for Android on your Android device to check if your device is vulnerable to hackers. You can also find the Github repo at this link.
No comments:
Post a Comment