Researchers test the security of smartphone manufacturers' Android kernels
TU Graz has examined a large number of older and current smartphones for known vulnerabilities. No device uses all the security offered by the kernel.
Even though the Android kernel offers more security, smartphone manufacturers are not taking advantage of this.
(Image: Bild erstellt mit KI in Bing Designer durch heise online / dmk)
At the Usenix Security Conference in Philadelphia, USA, researchers from Graz University of Technology presented an analysis of 994 smartphones from ten major manufacturers. They were looking for defense mechanisms against known security vulnerabilities, the one-day exploits. The Generic Kernel Image (GKI) of Android version 6.1 provided by Google was used as the basis for the study. This was able to prevent 85 percent of the attacks, some of which were automated. The kernels adapted by the cell phone providers only prevented between 29 and 55 percent of the attacks.
Unsurprisingly, but nevertheless remarkable: the older the devices were, the less protection they offered. Smartphones that came onto the market between 2018 and 2023 were tested. Depending on the manufacturer, many of them are likely to have been out of support for only a few years by now. The Android versions of the devices ranged from version 9 to 14, with kernels from 3.1 to 6.1.
According to the research results (PDF), the manufacturers leave many security functions unused on the older smartphones, which could only be activated by configuring the kernel differently. The scientists state that even kernel 3.1 from 2014 would be more secure than 38 percent of all devices, including those with a more modern operating system.
Security is switched off for more performance
In addition to age, the performance of the smartphones also plays a role: slower and cheaper devices are 24 percent more vulnerable than high-end phones. The scientists attribute this to the fact that some security measures would reduce performance and have therefore been switched off by cell phone manufacturers.
Videos by heise
In their report on the analysis, the Graz-based scientists Lukas Maar, Florian Draschbacher, Lukas Lamster and Stefan Mangard also rank the companies. From the most secure to the least secure provider: Google, Realme, OnePlus, Xiaomi, Vivo, Samsung, Motorola, Huawei, Oppo and Fairphone. The Android market leader Samsung is therefore in the bottom half of the providers surveyed, but this is probably due to the large number of its devices, including cheaper ones.
The scientists made the results of their research available to the companies, with only Google, Fairphone, Motorola, Huawei and Samsung "taking note" of them, according to the researchers. However, some of them have released patches, but it is not yet known who and for which devices. Google would also like to address the issue and improve security, especially of the kernel.
(nie)
