Google Fixes Zero-Day Kernel Flaw, Says Effect on Android Not Really That Bad (csoonline.com)

← Back to Stories (view on slashdot.org)

Google Fixes Zero-Day Kernel Flaw, Says Effect on Android Not Really That Bad (csoonline.com)

Posted by samzenpus on Thursday January 21, 2016 @03:05PM from the protect-ya-neck dept.

itwbennett writes: Google has developed a patch for Android in response to a flaw in the Linux kernel and has shared it with device manufacturers. That doesn't mean the patch will hit users' phones right away, though. It might take weeks. But that's ok, says Google, because most Android devices are unlikely to run vulnerable kernel versions, and those that do are protected by SELinux.

6 of 132 comments (clear)

Min score:

Reason:

Sort:

Ridiculous by Anonymous Coward · 2016-01-21 15:08 · Score: 2, Insightful

If there's a security fix for iOS, I can download and install it right away. There's no reason that shouldn't be the case for Android. This is ridiculous. And what if the manufacturers have disabled SELinux or set it to be permissive? It's a matter of time before a worm like Blaster hits Android and does some serious damage. Fix your damn security model!
1. Re:Ridiculous by phantomfive · 2016-01-21 15:15 · Score: 3, Insightful
  
  If there's a security fix for iOS, I can download and install it right away. .... Fix your damn security model!
  Some people would say that security doesn't depend on fast updates: security depends on not having security vulnerabilities in your software to begin with.
  
  --
  "First they came for the slanderers and i said nothing."
2. Re:Ridiculous by SirSlud · 2016-01-21 15:29 · Score: 2, Insightful
  
  You're right. Some people would say that security depends on being perfect. Those people however are living in a dream world where trying to prevent mistakes and fixing mistakes are somehow physically mutually exclusive.
  
  --
  "Old man yells at systemd"
3. Re:Ridiculous by Anonymous Coward · 2016-01-21 15:36 · Score: 2, Insightful
  
  Nobody can deny the the Android update situation is a complete mess. But Apple aren't exactly security darlings here. Sure, you get the updates immediately... when Apple gets around to it. You still have to live with years-old known vulnerabilities, and major issues being held back for more product-cycle friendly release timescales.
That doesn't mean ..... by frovingslosh · 2016-01-21 16:21 · Score: 2, Insightful

That doesn't mean the patch will hit users' phones ever, though.
There, I fixed it for you.

--
I'm an American. I love this country and the freedoms that we used to have.
Weeks? by cyber-vandal · 2016-01-21 18:59 · Score: 5, Insightful

How about months or never. The upgrade situation on Android is a joke unless you buy from Google.