After in was exploited for spying now a new in allowed 3rd party apps to take pictures and video without user knowledge or permission: [CVE-2019-2234] -
checkmarx.com/blog/how-attacke

@CyberHues this was very much expected, not really a shocker.

Follow

@shirishag75 True. So there are few imp. Questions raised hence -

1. As such incidents are coming out of darkness more often then before (even in Indian media) - are we end user also learnings parallely the basics of mobile security like what is a "0-day", what is the "fragmentation issues" on Android platforms, why er need to update our apps & software regularly?

2.Do we have any federal level safeguards for the consumer in such cases in consumer court, since Android is a product for Google.

@CyberHues I couldn't agree more. The problem is in India and Indian politics, cyber security is either framed as something so nerdy that nobody will get it, or will be supressed. For e.g. the Android fragmentation issue or 0day are not something which happened now, both of these are at least half a decade or more. I remember both these terms going back at least half a decade back if not more. Don't really have answers to the questions you asked though :(

Sign in to participate in the conversation
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!