Android Exploits – New App released!

Android Security is a long term topic for any kind of Android users. Several years ago Google announced the Android Security Bulletins[1] that tries to provide frequently security updates for Android Software components like middleware, kernel and device drivers.

But Hardware Manufacturers can decide to provide updates for their own and not all Manufactures ship their security patches in a proper frequency.

Usage and background information

Intension

Security Report

The “Android Exploits” project is intended to track the frequency of security updates and will tell customers if their device is outdated. It will list known exploits that are executable on their device and warn the user if their device can be compromised.

Picture 1: The list of security issues contains configuration problems as well as exploits (in that case CVE-2022-42529)

Uses can pess the (i) button in order to get more detailed information about the issue. In some cases the user is able to fix configuration or remove a risky app. In other cases the user has to wait for an System update or in case the device is too old he needs to buy a new device. This can help people to improve users device security.

Picture 2: Example of Google Pixel 6 that has no security Issues at this now

Ranking and Statistics

Another intension of this app is to show how Manufacturers care about their device security on a long run. The “Android Exploits” app offers a lot of statistics and data analyses which contains rankings, historical data, security scores and much more.

Picture 4: Device ranking. This list is a ranked list of devices while the first device is that device with highest score and last device is that device with lowest score

Score “calculation”

The security score is designed to give the user some kind of rating about his device security. In general this does not mean that a device with a good score is unable to be compromised. But it means that devices with lower score are more easy to attack because they didn’t receive necessary updates, are to old or have a wrong device configuration.

“Android Exploits” collects all necessary data and transfers them to the server backend. The server backend has an internal score of every incidence and will combine them to the final score. The user can see this score on the main page and can also look at scores of other devices, manufacturers or software components.

Download

“Android Exploits” can be downloaded via Google Play

Sources
[1] – https://source.android.com/docs/security/bulletin

4 Comments

https://israelnightclub.com/

1. May 2023 / 7:39 Reply

Greetings! Very useful advice in this particular article! Its the little changes that will make the biggest changes. Thanks for sharing!
Robert Myers

5. May 2023 / 1:04 Reply

This is freaking weird
- Smok12
  
  19. May 2023 / 0:37 Reply
  
  Hook it up dawg }:‑)
Tina M Ward

18. May 2023 / 15:37 Reply

Thank you.. life is precious and goes by 0
quicker in every year!