Android OS Has 146 Security Vulnerabilities

Jeff Brown
|
Nov 21, 2019
|
Bleeding Edge
|
6 min read
  • Read this before you buy your next smartphone
  • Yes. Google is manipulating its search results
  • The AI that can predict lightning strikes

Dear Reader,

I have a request. Keep a close eye on your inbox this Sunday morning, November 24.

I’m going to be sending you a special weekend edition of The Bleeding Edge. There are some important developments happening in the field of precision medicine and CRISPR genetic editing technology.

In a matter of weeks, I believe one CRISPR-related company will go down in history as the company that permanently cured a debilitating disease.

It’s a great story for humanity. But it’s also a once-in-a-generation investing opportunity…

I’ll tell you more on Sunday morning. Be sure you keep an eye out for it.

Now let’s turn to The Bleeding Edge

What they won’t tell you about the Android operating system…

Consumers tend to love smartphones based on Google’s Android operating system (OS) because, in general, they are less expensive and very functional. But new research should make us think twice before buying an Android OS smartphone…

An independent security firm discovered that current Android phones have 146 security vulnerabilities right out of the box… before they are even switched on.

That’s across 29 manufacturers. And it includes Samsung phones, which are the most widely used smartphones in the world. In fact, Samsung claims about 20% of the global smartphone market share.

This means virtually all Android OS-based smartphones are riddled with security flaws. And some of these flaws are quite serious.

Researchers determined that some of these flaws allow hackers to gain access to the phone even without the user downloading a bad app. That means consumers’ data can be compromised even if they don’t make the mistake of downloading malicious software.

For users who are concerned about security, I cannot recommend any device using the Android OS. That’s been my position for years.

I had been hoping that it was getting better, but this new research demonstrates that the problem is much worse than I realized.

Today, Apple’s iOS is the safest route to go. I say this objectively as a technologist… I don’t own any Apple stock or have any ties to the company.

Apple doesn’t have these security vulnerabilities. That’s largely because Apple has total control of its iOS software. Every iPhone basically runs the same software. And that means Apple can push out security patches to users as soon as they become available.

For comparison, Android uses open-source software that allows the different Android-based phones to be customized. That may make for some interesting differences, but it also means that Google can’t push out security patches in the same way that Apple does.

Instead, it sends security updates to each manufacturer first. Then the manufacturer decides when it’s ready to provide the software updates to the wireless carriers.

Then the wireless carriers test the downloads to all devices on their networks, which takes many months. That means the phone is compromised for a much longer period.

In fact, by the time most Android OS-based smartphones receive a security patch, it is often six to nine months old.

Users who have owned an iPhone and an Android phone probably noticed that Apple puts out more updates than Android. This is why.

If any of us are concerned about the security of our smartphones, we should keep this in mind the next time we purchase a phone…

More dirt on Google’s search engine…

I don’t often compliment the mainstream press. I find that often it just doesn’t have the necessary background to report the full story when it comes to technology topics.

But The Wall Street Journal just put out a great article that outlines how Google is manipulating our search results. The details provided are fantastic.

The article reports that Google has consistently made changes to its search engine algorithm so that it favors big businesses over small businesses. What’s more, it favors big businesses that write big checks to Google most of all.

When we search for a certain product or service, Google will try to steer us to one of its big corporate buddies… certainly not our local retailer that might be far more convenient and relevant to our search.

Google also maintains a blacklist of websites that it won’t show in search results. And these aren’t websites that the government blocked or anything like that. They are sites Google chooses not to show for its own reasons.

Furthermore, Google employees modify results in the autocomplete feature. This feature predicts what you are searching for as you start typing in the search box.

This gives you a list of popular searches. The suggestions are supposed to be based on what other users are searching for.

Here’s a great example comparing Google’s autocomplete results to those of DuckDuckGo. The user started off by typing “Joe Biden is” in the search box…

Autocomplete Answers for Google vs. DuckDuckGo

Image
Source: The Wall Street Journal

Looking at the different results, Google is clearly modifying the autocomplete results to present a nonnegative view of Joe Biden. On the other hand, DuckDuckGo reveals actual searches that have taken place with a negative outlook on Joe Biden.

And remember, this is Google employees making modifications to the results. These not-so-subtle modifications can convey bias and influence our thinking.

It doesn’t matter what our political beliefs are… No company should try to manipulate our information with the explicit purpose of influencing how we think.

Google also made more than 3,200 changes to its algorithms last year. That’s up from 2,400 changes in 2017… and just 500 changes in 2010.

The trend is clear. Google is hard at work trying to influence the way we think about things rather than presenting us with honest results and allowing us to make up our own minds.

And remember, Google controls over 88% of the market for search engines. That means that nearly 9 out of 10 internet users are exposed to these search results. That is an extraordinary amount of power to wield.

For readers looking for alternatives, check out the Brave Browser as an alternative to Google Chrome. And consider using the DuckDuckGo search engine as an alternative to Google’s search engine.

AI can now predict lightning strikes…

That’s enough on Google for one day. Now let’s look at an incredible example of the power of AI…

I just came across excellent research out of the École Polytechnique Fédérale de Lausanne in Switzerland. Researchers there developed an artificial intelligence (AI) that can predict when and where lightning will strike.

I especially like how simple the model is. One would think that lightning strikes are complex and unpredictable events. But it turns out we just need four data points to make an accurate prediction. Those are air pressure, air temperature, relative humidity, and wind speed. That’s it.

The Swiss research team fed this environmental data into its AI… And the results were incredible. The AI predicted where lightning would strike within a 30-kilometer (about 18.6-mile) radius. And it predicted when lightning would strike with 80% accuracy and a 10- to 30-minute lead time.

This is a simple AI model that does not need a massive supercomputer to run. And there are some great applications…

If we know where and when lightning will strike, we can take steps to divert the lightning to an area where it won’t cause damage. The simple way to do this is with a lightning rod that attracts the lightning to it.

The Swiss team is also experimenting with a tool that fires lasers into the sky to influence where the lightning strikes. This tool could “push” the lightning toward a lightning rod where the energy can be safely dispersed.

And, of course, the next step would be to develop technology to capture the energy from lightning strikes when they occur. After all, if we can direct lightning to specific locations, why let the energy go to waste?

Regards,

Jeff Brown
Editor, The Bleeding Edge


Like what you’re reading? Send your thoughts to feedback@bonnerandpartners.com.


Want more stories like this one?

The Bleeding Edge is the only free newsletter that delivers daily insights and information from the high-tech world as well as topics and trends relevant to investments.