Android NFC can be exploited by hackers to spread malicious software used to

Others 2019-11-06 13:22:26 views: null

Android NFC can be exploited by hackers to spread malicious software used to

It is reported that, NFC works by broadcasting inside the device Android OS services (Android Beam). (Screenshot Via ZDNet )

This service allows Android device using near-field communication (NFC) technology to replace Wi-Fi or Bluetooth, images, documents, video, and even application, send to another device.

Typically, the installation package is stored in the transmission APK NFC device, and displays a notification on the screen asking the user whether to allow the application installation unknown sources.

However, in January this year, security researcher named Y. Shafranovich discovery: to send the application through NFC broadcast on Android 8 (Oreo) or a later version of the system, and does not display the prompt.

Instead, the notification allows a user to install the application key, without issuing any security warnings.

Despite the lack of a prompt, it did not sound so important, but it is becoming a major problem the Android security model.

Fortunately, Google has fixed the impact of Android devices NFC Beaming vulnerability in October 2019.

The definition of "Unknown sources", especially by anything other than the official Play Store installed, the default is considered untrusted and unproven.

If you need an external side-loading applications, you must go to Settings menu, and then manually enable the "Allow installation of applications from unknown sources."

Before Android 8 Oreo, this setting and without any problems. However, starting from Android 8 Oreo, Google will be based on this mechanism redesigned App's settings.

In the CVE-2019-2114 vulnerability, Android Beam is now being included in the white list, obtained with the official application store Play the same trust authority.

Google said, Android Beam service has never been a way to install the application, but only for transmitting data between devices way.

Even so, the company was in October 2019 of the Android security patch, Android Beam will be kicked out of the list of trusted sources of this mobile operating system.

LG android-beam.jpg

(Figure from: LG )

For millions still in danger of Android users, we suggest that you upgrade as soon as the phone's security patch, or try to turn off NFC and Android Beam function when not in use.

Guess you like

Origin www.linuxidc.com/Linux/2019-11/161258.htm
Recommended
The number of MaxKB GitHub Stars, an open source knowledge base question and answer system based on large language models, exceeded 5,000!
Ranking
Getting the basic concepts of ROS + catkin Profile
Spring Learning (2) --- Assembling Beans in the IoC Container
js to get the src attribute of the image regularly
STM32 is based on CubeIDE and HAL library basics entry study notes: Bluetooth WIFI STM32 connects to Alibaba Cloud
Short video learning - 3, pandas simple use of pivot_table
Print directory of project configuration log, output log
Understand the difference between vi and vim in Linux in 3 minutes
1 + x certificate Web front-end development HTML5 special exercises
mangodb save and insert the difference
7-1 Family tree processing (50 points) (binary tree solution)
Daily
More
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)

Code World

© 2018 codetd.com