Duo Security’s X-Ray: over 50% of Android devices ‘vulnerable’

Duo Security’s X-Ray: over 50% of Android devices ‘vulnerable’A few months ago, Duo Security released X-Ray, an app that performs a “vulnerability assessment” – scanning for known, yet unpatched, vulnerabilities in Android.

The first results are in, and they suggest that over half of Android users have unpatched vulnerabilities. God, no!

Rather than scanning for malicious apps, X-Ray looks for known problems in the Android platform itself. In the worst case, Duo Security suggests that the vulnerabilities could be used to take “full control” of a user’s phone.

So next time you look at your Android handset, don’t be surprised if you see some guy in China sitting playing Angry Birds and sending dirty texts to your aunt. Er, remotely, of course.

“The stat is based on over 20,000 users who downloaded and ran the X-Ray mobile application on their device, and the current global distribution of Android versions,” yelled Duo Security’s Jon Oberheide in an email to Information Week.

“As carriers are very conservative in rolling out patches to fix vulnerabilities in the Android platform, users’ mobile devices often remain vulnerable for months and even years.”

Amusingly, X-Ray isn’t available from Google Play. It can only be downloaded directly from Duo Security, which entails allowing your device to install non-Google Play apps. Fantastic stuff.

Read more about: Android

Add a comment
5 comments

jaybear88  Sep. 14, 2012 at 11:12

Fair play on the last paragraph Lewis, many-a-reporter may have missed that.

lcurdie / MOD  Sep. 14, 2012 at 11:46

*flexes "muscles"*

Treab  Sep. 14, 2012 at 11:54

some guy in China 

Why China why not i dunno Ireland... Racist... Pure racism :-P we all know those cheese eating Irish are the worst especially when drunk on guinness

Pondlife  Sep. 14, 2012 at 12:29

Yeah I wondered who would install it
Liked the articles about the factory installing viruses before shipping computers more.

matt101101 / MOD  Sep. 14, 2012 at 12:45

It can only be downloaded directly from Duo Security, which entails allowing your device to install non-Google Play apps.
Any security app which bypasses Android's first line of defence is probably not worth taking note of.

Email:

You don't need an account to comment. Just enter your email address. We'll keep it private.

Comment: