Google has revealed a vulnerability that can allow an attacker to control the built-in camera app on a device, as well as take recordings and photos. The warning comes in the Android Security Bulletin for December 2019, which lists the usual patches for the vulnerabilities and security holes the company can find in Android. Google relies on an in-house cybersecurity team that performs penetration tests, as well as academics in computer science, who alert the team to potential security risks.
Not all vulnerabilities are the same: some are relatively harmless to the device, while the scale ranges up to the very severe “critical” rating, which could potentially leak user data or stop the device from functioning. Three of these critical vulnerabilities have been found and patched for the December 2019 Security Update.
The most worrying bug, from a privacy standpoint, is the vulnerability that can allow an attacker to control the built-in camera app on a device, as well as take recordings and photos.
The most severe of them all is a permanent denial-of-service attack that stops a user’s smartphone from functioning. The scariest thing about this exploit is that “user interaction is not needed for exploitation” and “no additional execution privileges” are needed. This means, technically, a line of code hidden within an app could be triggered remotely to “brick” a phone.
So how do users protect themselves from having a phone remotely bricked? That depends on who makes it.
Google’s own Pixel phones will have received the update already via settings. Samsung, on the other hand, is still sending out its monthly Security Maintenance Releases. However, owners of non-flagship devices can expect to wait longer than those with flagships. On a Samsung Galaxy A6+, the latest security update remains October 2019.
This pattern continues through to other manufacturers like Huawei and LG, who have to test the new security patches against the myriad of devices they have on the market. This point makes security tricky.
Nevertheless, the best thing one can do now is ensure that automatic updates over Wi-Fi are enabled. On most Android devices, one can head over to Settings, then to Software Updates (which is sometimes under About Phone). After the phone checks for an update, it will show which version it is using, as well as the security patch level.
A rule of thumb for those who store sensitive data on their smartphones: as soon as your phone stops receiving security patches, it’s time to get another one.
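The security patch level shown under Software Updates can also be read over adb and checked for a whole set of devices at once. The script below is an added example, not part of the original article; the required level `2019-12-01`, the device names and the sample inventory are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the article): classify Android security patch levels.
# On a device connected over adb, the level string can be read with:
#   adb shell getprop ro.build.version.security_patch
# ASSUMPTION: 2019-12-01 stands in for the December 2019 bulletin level.
REQUIRED="2019-12-01"

# valid_level STRING -> succeeds only for input shaped like 20YY-MM-DD
valid_level() {
    case "$1" in
        20[0-9][0-9]-[01][0-9]-[0-3][0-9]) return 0 ;;
        *) return 1 ;;
    esac
}

# patch_status LEVEL REQUIRED -> prints CURRENT, "BEHIND <months>" or INVALID
# "BEHIND 0" means the device is behind by less than one calendar month.
patch_status() {
    if ! valid_level "$1" || ! valid_level "$2"; then
        echo "INVALID"; return 0
    fi
    # With the dashes removed, dates in this format compare as plain integers.
    have=$(echo "$1" | tr -d '-'); need=$(echo "$2" | tr -d '-')
    if [ "$have" -ge "$need" ]; then
        echo "CURRENT"; return 0
    fi
    # Split out year and month; drop a leading zero so 08/09 are not read as octal.
    hy=${1%%-*}; hm=${1#*-}; hm=${hm%%-*}; hm=${hm#0}
    ny=${2%%-*}; nm=${2#*-}; nm=${nm%%-*}; nm=${nm#0}
    echo "BEHIND $(( (ny - hy) * 12 + (nm - hm) ))"
}

# audit_inventory: reads "name level" lines on stdin, prints "name status"
audit_inventory() {
    while read -r name level; do
        [ -n "$name" ] || continue
        echo "$name $(patch_status "$level" "$REQUIRED")"
    done
}

# Constructed sample inventory (device names and exact days are illustrative).
audit_inventory <<'EOF'
pixel-example 2019-12-05
galaxy-a6plus-example 2019-10-01
unknown-example n/a
EOF
```

A device that reports `INVALID` or a growing `BEHIND` count month after month is the case the rule of thumb above is about.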
SA’s Internet goes down again
South Africa is about to experience a small repeat of the lower speeds and loss of Internet connectivity suffered in January, thanks to a new undersea cable break, writes BRYAN TURNER.
Internet service provider Afrihost has notified customers that there are major outages across all South African Internet Service Providers (ISPs), as a result of a break in the WACS undersea cable between Portugal and England.
The cause of the cable break is unclear. It marks the second major breakage event along the West African Internet sea cables this year, and comes at the worst possible time: as South Africans grow heavily dependent on their Internet connections during the COVID-19 lockdown.
As a result of the break, the use of international websites and services, which include VPNs (virtual private networks), may result in latency – decreased speeds and response times.
WACS runs from Yzerfontein in the Western Cape, up the West Coast of Africa, and terminates in the United Kingdom. It makes a stop in Portugal before it reaches the UK, and the breakage is reportedly somewhere between these two countries.
The cable is owned in portions by several companies, and the portion where the breakage has occurred belongs to Tata Communications.
The alternate routes are:
- SAT3, which runs from Melkbosstrand also in the Western Cape, up the West Coast and terminates in Portugal and Spain. This cable runs nearly parallel to WACS and has less Internet capacity than WACS.
- ACE (Africa Coast to Europe), which also runs up the West Coast.
- The SEACOM cable runs from South Africa, up the East Coast of Africa, terminating in both London and Dubai.
- The EASSy cable also runs from South Africa, up the East Coast, terminating in Sudan, from where it connects to other cables.
The routes most ISPs in South Africa use are WACS and SAT3, due to cost reasons.
The impact will not be as severe as in January, though. All international traffic is being redirected via alternative cable routes. This may be a viable method for connecting users to the Internet but might not be suitable for latency-sensitive applications like international video conferencing.
SA cellphones to be tracked to fight coronavirus
Several countries are tracking cellphones to understand who may have been exposed to coronavirus-infected people. South Africa is about to follow suit, writes BRYAN TURNER.
From Israel to South Korea, governments and cell networks have been implementing measures to trace the cellphones of coronavirus-infected citizens, and who they’ve been around. The mechanisms countries have used have varied.
In Iran, citizens were encouraged to download an app that claimed to diagnose COVID-19 with a series of yes or no questions. The app also tracked real-time location with a very high level of accuracy, provided by the GPS sensor.
In Germany, all cellphones on Deutsche Telekom are being tracked through cell tower connections, providing a much coarser location, but a less invasive method of tracking. The data is being handled by the Robert Koch Institute, the German version of the US Centers for Disease Control and Prevention.
In Taiwan, those quarantined at home are tracked via an “electronic fence”, which determines if users leave their homes.
In South Africa, preparations have started to track cellphones based on cell tower connections. The choice of this method is understandable, as many South Africans may either feel an app is too intrusive to have installed, or may not have the data to install the app. This method also allows more cellphones, including basic feature phones, to be tracked.
This means that users can be tracked on a fairly anonymised basis, because these locations can be accurate to about 2 square kilometers. Clearly, this method of tracking is not meant to monitor individual movements, but rather gain a sense of who’s been around which general area.
This data could be used to find lockdown violators, if one considers that a phone connecting in Hillbrow for the first 11 days of lockdown, and then connecting in Morningside for the next 5, likely indicates a person has moved for an extended period of time.
Communications minister Stella Ndabeni-Abrahams said that South African network providers have agreed to provide government with location data to help fight COVID-19.
Details on how the data will be used, and what it will be used to determine, are still unclear.