cancel
Showing results for 
Search instead for 
Did you mean: 
1

Ask

2

Reply

3

Solution

Quadrooter/Bugs/Adriod LG G4

iainsymac
4: Newbie

I have just seen this artice on the BBC website:

http://www.bbc.co.uk/news/technology-37005226

 

I have an LG G4 which is one of the phones affected.

 

I downloaded the Quadroot checker and it found four vulnerabilities:

Quadroot.png

My question is, is it Vodafone or LG that will be providing the patches to remedy these bugs? And, are they available yet?

 

cheers,

 

Iain

1 ACCEPTED SOLUTION

hrym
17: Community Champion
17: Community Champion

The original report implies that you're OK as long as you don't install apps from outside the Play Store.  As with most "vulnerabilities", I suspect your have to be pretty casual about safety to be in any serious danger.

 

The fault appears to have been discovered by reverse-engineering the Qualcomm software, which took something like 6 months.   As there are easier ways of compromising any device (mainly dodgy links and downloads), I suspect those will still be the favoured route.

View solution in original position

12 REPLIES 12

toma
4: Newbie

I'm also interested to know when Vodafone will be releasing an update addressing this (Sony Z5 Compact / 4 vulnerabilities).

 

Tom

drey_p
16: Advanced member
16: Advanced member

Hi there

 

I'm afraid that Vodafone don't comment on the release of firmware updates.For more information, please see the FAQs here

PWIAC

hrym
17: Community Champion
17: Community Champion

The original report implies that you're OK as long as you don't install apps from outside the Play Store.  As with most "vulnerabilities", I suspect your have to be pretty casual about safety to be in any serious danger.

 

The fault appears to have been discovered by reverse-engineering the Qualcomm software, which took something like 6 months.   As there are easier ways of compromising any device (mainly dodgy links and downloads), I suspect those will still be the favoured route.

Even sticking to the Android walled garden is not a 100% sure way of not getting hit by this vunerability.

There have been historical reports of rogue apps making their way on to the Play store.

 

The real fix is to get the vunderable devices patched. That needs the phone's manufacturer to make it and the carrier to pass it on. Plus the end user has to install it. But we are waiting on the first two to happen.

drey_p
16: Advanced member
16: Advanced member

There is an announcement from Vodafone here.  As expected it doesn't give any timescales on when a fix will be released.

PWIAC

kids
Community Champion (Retired)
Community Champion (Retired)

Yes, interesting insn't it.  The app that the article refers to works & has identified 4 vulnerabilities on my HTC One M8.

 

I particulalry like the bit at the bottom where it says to beg the people who sold you the phone to apply the patches...

 

Would anyonne at Vodafone like to make any kind of comment at all?  I'm prepared to beg, (but not holding my breath).

 

 

 

 

For Vodafone to be able to supply the patch, your phone's manufacturer must first create it.

 

Then Vodafone gets to add branding to it and send it out over the network.

 

But they still have to wait for the manufacturer.

Indeed, but the article goes on to say this...

 

"Qualcomm is believed to have created patches for the bugs and started to use the fixed versions in its factories.

It has also distributed the patches to phone makers and operators. However, it is not clear how many of those companies have issued updates to customers' phones."

 

It is entirely possible that this is not the full story and HTC, (in my case), may not have made the patches available but it would be very nice if Vodafone would offer some kind of comment.

 

I'm still not holding my breath.