Since 2012 RAMpage – A Vulnerability Affecting Every Android Device Built




We already know about the infamous Rowhammer vulnerability in DRAM (dynamic random access memory). Now, researchers have discovered another hardware vulnerability working similarly. The newly identified RAMpage vulnerability could allow hackers to take complete control of your smartphones. Posing a threat to all Android devices for the past six years.


RAMpage Vulnerability – A Rowhammer Variant



A team of eight researchers have discovered a hardware flaw that puts all Android devices at the risk of hacking. The team calls it RAMpage as it exploits memory pages in RAM.  primarily makes Android phones vulnerable to hacking attacks as it provides to the device.



Researchers have published a  in which they have explained about the flaw, and have proposed a solution too. The paper is available online in a one statement from it states:
“While apps are typically not permitted to read data from other apps, a malicious program can craft a rampage exploit to get administrative control and get hold of secrets stored in the device.”


This vulnerability could leak almost all of your personal data to hackers. This includes everything from saved passwords and emails to messages, business documents, and photos.
Though RAMpage mainly targets Android phones and tablets, the iOS-based gadgets do not remain significantly safe from this flaw.

The Threat Has Been Around Since 2012


The researchers clearly stated that the RAMpage has been around for the past six years. According to them, all android devices with vulnerable memory.
“More technically, every mobile device that is shipped with LPDDR2, LPDDR3, or LPDDR4 memory is potentially affected, which is effectively every mobile phone since 2012.”

Regretfully, no patch is yet available for RAMpage vulnerability. Moreover, one cannot precisely state desktops to be safe from it.
Google has recognized this flaw (CVE-2018-9442). Yet, they do not presently recognize it to be as important as the researchers believe it is.


“We’ve worked closely with the research team and thought this vulnerability isn’t a practical concern for the overwhelming majority of users.”
Google also claims that present Android devices are already safe from this flaw.
“While we recognize the theoretical proof f concept from the researchers, we also recognize that newer devices contain memory with Rowhammer specific protections (for example the researcher proof of concept for this issue does not work on any currently supported Google Android devices).”

Comments

Post a Comment

Popular posts from this blog

Amazon 2nd Gen Echo Dot review

Image
Amazon'sEcho Dot: Still a crown jewel of the modern smart home Summary The Dot is a smaller yet just as powerful version of the Amazon Echo. What it lacks in an internal speaker system it makes up for with an audio-out port and Bluetooth connectivity. While the app and inability to route queries to a single Alexa device within close proximity of each other can be annoying, the $50 price and Alexa's usefulness make the Dot a solid option for anyone who wants to start building a connected home on the cheap. Hardware At only 1.3 inches tall, the Dot (available in black or white ) virtually disappears into your home. It can be placed anywhere, and it won't disrupt your carefully decorated room. Like the larger Echo, the second-generation Dot can be used to fill an Amazon cart. But that's not the only thing people use it for. Instead, the Alexa platform is an incredibly helpful connected home hub , a fountain of random facts, an audiobook reader
Read more

Not Android: Google just invested in a new mobile os

Image
Google invested in a mobile OS called KaiOS this month, and it’s no secret that it’s not based in Android. What we’re looking at here is a company that makes an operating system that’s focused on feature phones – but feature phones that are smart. Sort of like bridging the gap between non-smart and smart phones. KaiOS might well be a big part of Google’s future in emerging markets around the world. According to KaiOS representatives, this operating system already works with a wide variety of manufacturers and carriers. Both inside and outside of the USA, KaiOS is established. You and I might have never heard of them before, but they’re out there! KaiOS worked in the past – and present – with manufactuer partners TCL, HMD Global, and Micromax. They’ve worked with Reliance Jio, Sprint, AT&T, and T-Mobile. They operate out of San Diego, Hong Kong, Taipei, Shanghai, Paris, and Bangalore. They’re ready to roll, basically. “We want to ensure that Google apps and servi
Read more

Hidden tricks you didn't know about your Android phone

Image
10 tips to master your Google-powered device. The Android versus iPhone debate continues to rumble on. But one thing is certain: Google's phone software is more versatile and customizable than Apple's offering. Dig into the settings and tweaks available for your Android phone and you'll find a host of clever features and useful tools. We've collected 10 of them right here. A quick note before we begin: Android has a wide variety of makes, models, and versions, which makes it more difficult to find features that will be consistent across all devices. We only verified the following tips on stock Android 7.0 Nougat—they should also work on related systems, but some of the menus and procedures may vary slightly. 1. Cast your Android screen For a number of years, you've been able to broadcast your Android phone or tablet's display to the larger screen of a television using a Chromecast. In addition to beaming video from all the us
Read more