Hackers can use brute force to break into tens of millions of Android devices using full disk encryption, thanks to a series of security issues linked specifically to Android kernel flaws and Qualcomm processors, Neowin reports. The vulnerabilities were uncovered by security researcher Gal Beniamini, who is working with Google and Qualcomm to patch the problems — and some of the flaws have already been addressed. However, a few of the issues may not be patchable, instead requiring new hardware, the report says.
Any phone using Android 5.0 or later uses full disk encryption, the same security feature at the heart of Apple’s recent fight with the FBI. Full disk encryption makes all data on a device unrecognizable without a unique key. Even though modern Android devices use this security feature, Beniamini’s research found that an attacker can exploit kernel flaws and vulnerabilities in some of Qualcomm’s security measures to get that encryption key. Then, all that stands between the hacker and a device’s information is a password.
Submitted by: Arnfried Walbrecht