Smartphone security hole: 'open port' backdoors: study

Updated 2017-05-15 11:30:21 Xinhua

Latest study of the University of Michigan (UM) found that the "open ports" of an internet communication mechanism in mobile devices are much more vulnerable to security breaches than previously thought.

UM researchers have analyzed 24,000 popular mobiles apps to arrive at this finding, and posted the results on the website of UM.

The researchers found that open port backdoors could be exploited to steal private information such as contacts, security credentials and photos; to remotely control a device; to perform a denial of service attack; or to inject malicious code that could jumpstart widespread, virus-like attacks.

They have identified 410 apps with dangerous insecurities, and 956 different individual ways those insecurities could be exploited.

The vulnerability the researchers highlighted is most pronounced in Android apps that let users share data across devices and connect to their phones from their computers.

The researchers found that more than half of the usage of open ports in the apps they studied is unprotected, and the unprotected nature shows a general lack of awareness of the problem.

Investigating the fundamental causes behind this general vulnerability, the researchers found that it is exposed by popular ways open ports are used in the smartphone ecosystem, rather than poor implementation of apps.

Open ports are integral pieces of internet infrastructure that allow computer programs to accept packets of information from remote servers. It is safe in traditional computers because computers' Internet Protocol addresses don't change.

The researchers have identified certain steps app developers can take to mitigate the vulnerability, and reported the vulnerabilities to affected app developers.

Smartphones also use open ports to receive certain types of information. But because of the way mobile networks are structured, phones' IP addresses can change as they move through the world. This and other factors relating to mobile architecture lead to these vulnerabilities, the researchers say.

Also in the News

Nicole Kidman Recalls Oscar Glory: Loneliest Time
Showbiz2016/06/16 13:58July 16 2018 10:30:37

Nicole Kidman Recalls Oscar Glory: Loneliest Time

Attending Shanghai International Film Festival, Nicole Kidman talks about her role in "Grace of Monaco".

Labor Day Travel Peak Starts
Also in the News2014/05/01 12:16July 16 2018 10:30:37

Labor Day Travel Peak Starts

Johnny Depp Delivers a Speech 'Evolve the Future' in 'Transcendence'
Also in the News2014/04/18 13:18July 16 2018 10:30:37

Johnny Depp Delivers a Speech 'Evolve the Future' in 'Transcendence'

Hollywood star Johnny Depp's speech in the upcoming new film "Transcendence" has been disclosed on Friday, April 11th.

Most Watched

China World Business Sports Showbiz Audio
C4 My Chinese Life The Sound Stage China Revealed Showbiz Video Travel Video
China World Fun Travel Entertainment Sports
Beijing Shanghai Guangzhou
Live Music Opera & Classical Movies Traditional Shows Exhibitions
Learn Chinese:
Chinese Studio Living Chinese Everyday Chinese Just For Fun Chinese Culture Buzzwords