Android security has gotten stronger over the years, as OEMs and Google focused their resources on providing maximum safety for their customers.
Both the use of encryption and the constant rollout of security updates contribute to a stronger, safer Android OS. However, every operating system can contain vulnerabilities, and some companies even reward experts who alert them about security issues.
A recent example comes from security researcher Gal Beniamini, who identified a security weakness that affects millions of Android devices, specifically those that are equipped with Qualcomm processors. The risk lies in the theoretically safe Full Disk Encryption (FDE), which is available on devices running Android 5.0 Lollipop and newer.
It looks like the Android devices that carry Qualcomm chipsets are storing the disk encryption keys in software. This means that the keys can be attacked or stolen in a myriad of ways. What is more, a hacker who gets access to them can use multiple means to quickly crack a user's password, such as a server cluster, a supercomputer or a field-programmable gate array.
The security researcher also published exploit code that targets two vulnerabilities in TrustZone and uses them to extract the disk encryption keys. As a reminder, TrustZone is a set of security features within the ARM processors that Qualcomm sells to smartphone manufacturers.
Both Qualcomm and Google underline that their internal security teams caught the flaws early on and addressed them by sending security updates to partners and customers. Google notes that its January 2016 and May 2016 patches targeted the vulnerabilities that Beniamini showcases in his recent post.
Google dubbed the two security issues CVE-2015-6639 and CVE-2016-2431, respectively.
It's important to note that simply sending out the patches does not guarantee that all devices received or installed them.
Beniamini adds that some of the Android devices that got patched can be rolled back to their earlier, vulnerable state. He notes that the rollback is possible in particular on devices that feature unlockable bootloaders, such as the Nexus 6 and Nexus 5. Beniamini points out that the recent Nexus 5X and Nexus 6P are safe despite their unlocked bootloaders.
Nexus owners received a critical security update in March, showing that Google is on its toes security-wise.
Keep in mind that when the devices were unprotected, hackers could have had free rein in executing a brute-force attack. Such a malicious action grants access to personal data from the device, such as contacts and media files. This is why it is recommended to always check for updates to the OS and install critical security patches as soon as they land.
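For anyone managing more than one handset, the update check recommended above can be automated. The following is an added example, not code from Beniamini, Google or Qualcomm: it parses saved `adb shell getprop` output and compares the `ro.build.version.security_patch` property against the May 2016 patch named in this article. The `2016-05-01` threshold string, the device names and the sample outputs are assumptions constructed for illustration.

```python
import re
from datetime import date

# Assumption: the May 2016 fix corresponds to patch level 2016-05-01 or later.
REQUIRED_LEVEL = date(2016, 5, 1)
PATCH_PROP = "ro.build.version.security_patch"
PROP_LINE = re.compile(r"^\[(?P<key>[^\]]+)\]: \[(?P<value>.*)\]$")

def parse_getprop(text):
    """Parse `adb shell getprop` output ("[key]: [value]" per line) into a dict."""
    props = {}
    for line in text.splitlines():
        match = PROP_LINE.match(line.strip())
        if match:
            props[match.group("key")] = match.group("value")
    return props

def patch_status(getprop_text, required=REQUIRED_LEVEL):
    """Return 'patched', 'outdated' or 'unknown' for one device."""
    raw = parse_getprop(getprop_text).get(PATCH_PROP, "")
    try:
        level = date.fromisoformat(raw)
    except ValueError:
        # Property missing (older builds may not expose it) or malformed:
        # report it for manual review rather than assume the device is safe.
        return "unknown"
    return "patched" if level >= required else "outdated"

# Constructed sample outputs, one per hypothetical device.
SAMPLES = {
    "device-a": "[ro.build.version.release]: [6.0.1]\n"
                "[ro.build.version.security_patch]: [2016-05-01]\n",
    "device-b": "[ro.build.version.release]: [6.0]\n"
                "[ro.build.version.security_patch]: [2016-01-01]\n",
    "device-c": "[ro.build.version.release]: [5.0.2]\n",
}

def audit(samples):
    """Map each device name to its patch status."""
    return {name: patch_status(text) for name, text in samples.items()}

if __name__ == "__main__":
    for name, status in audit(SAMPLES).items():
        print(f"{name}: {status}")
```

A reported patch level describes only the build currently installed, so a device rolled back to older firmware, as described above for unlockable bootloaders, will show the older level on the next check.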