TrendMicro discovered vulnerabilities in the Qualcomm Snapdragon 800 series, including the 800, 805 and 810 on devices running a 3.10-version kernel. They have privately discussed the issue with Google who have since pushed out updates to resolve these issues on their phones, preventing attackers from gaining root access with a specially crafted app. Unfortunately that is the tip of the iceberg as according to Qualcomm more than a billion devices use Snapdragon processors or modems, many of them IoT devices which have not had this update. With the already fragmented market getting worse as everyone and their dog are now creating IoT devices the chances are very good that your toaster, fridge and other random internet connected devices are vulnerable and will remain so.
You should think twice when considering the balance of convenience and security when you are purchasing internet connected household appliances and other IoT devices. You can see what Slashdot readers think about this here if you so desire.
"Security experts at Trend Micro have discovered a vulnerability in Qualcomm Snapdragon-produced SoC devices. In fact, it is the same vulnerability that cropped up earlier in the month, affecting Nexus 5, Nexus 6, Nexus 6P and Samsung Galaxy Edge Android handsets. This in itself is concerning as these are devices that are no longer in line for security updates, but more concerning is the fact that the same chips are used in IoT devices."
Here is some more Tech News from around the web:
- Radeon Pro Duo spearheads AMD's push for VR dominance @ The Tech Report
- Microsoft Still Accepts Bitcoin, Apologizes For 'Inaccurate Information' @ Slashdot
- Making proteins talk to silicon electronics @ Nanotechweb
- Watch Open Networking Summit This Week via Free Live Video Stream @ Linux.com
- Negotiations continue on Foxconn Sharp deal @ DigiTimes
- Mozilla will release its Servo browser for alpha testing in June @ The Inquirer
- ARM and TSMC join forces to develop 7nm FinFET technology @ The Inquirer
- Here's what an Intel Broadwell Xeon with a built-in FPGA looks like @ The Register