Security researchers developed proof-of-concept Stagefright exploit
The Stagefright bug is once again hitting the news as Security researchers at NorthBit have developed a proof-of-concept Stagefright exploit, Metaphor, that reliably compromises Android phones. Tod Beardsley, Security Research Manager at Rapid7, comments:
“Android is an incredible phenomenon in open source software, and brings the Internet to millions of people who would otherwise find themselves on the wrong side of the digital divide. To put this vulnerability in context: It’s been nearly a year since Joshua Drake reported the Stagefright vulnerabilities to Google, so the fact that a majority of Android users remain vulnerable to these well understood bugs is difficult to fathom. Many, many people depend on their Android handsets to live their lives, especially in the developing world. It’s unreasonable to expect these people to simply throw out their vulnerable £50 phones and replace them with new £500 alternatives.
Google has been welcoming of, and benefits from, the continued support of the open source community to build and deploy its amazing platform. In turn, Google, Samsung, and the world’s wireless carriers need to deliver regular and emergency patches to the diverse and substantial Android user base. Google can and should be applying continuing pressure to their partner device manufacturers, cell service carriers, and retailers of these tiny, powerful computers.”
Image source: Pixabay.com