Saturday July 02, 2016

Qualcomm-Powered Android Devices Have Faulty Full Disk Encryption

Android's full disk encryption isn't quite as fool-proof as it seemsآ—a security researcher has discovered a vulnerability that leaves the feature at risk to brute force attacks.

This is said to affect as many as hundreds of millions of Android devices, but what's really surprising is that those with Qualcomm processors آ— even newer flagship models آ— are seen as the most vulnerable. It seems the source of the security issue lies within the combination of Android kernel flaws and Qualcomm chips, although any smartphone running Android 5.0 or later and using full disk encryption is said to be at risk. But what makes the situation worse is that while both Google and Qualcomm have released patches recently addressing these issues, Beniamini's report says there are still some holes that can't be fixed without new hardware.