Australia markets closed
  • ALL ORDS

    6,133.20
    -34.80 (-0.56%)
     
  • ASX 200

    5,927.60
    -32.70 (-0.55%)
     
  • AUD/USD

    0.7031
    +0.0001 (+0.01%)
     
  • OIL

    35.72
    -0.45 (-1.24%)
     
  • GOLD

    1,878.80
    +10.80 (+0.58%)
     
  • BTC-AUD

    19,490.11
    +120.90 (+0.62%)
     
  • CMC Crypto 200

    265.42
    +1.78 (+0.68%)
     
  • AUD/EUR

    0.6033
    +0.0015 (+0.25%)
     
  • AUD/NZD

    1.0623
    +0.0025 (+0.23%)
     
  • NZX 50

    12,084.47
    -117.33 (-0.96%)
     
  • NASDAQ

    11,052.95
    -297.80 (-2.62%)
     
  • FTSE

    5,577.27
    -4.48 (-0.08%)
     
  • Dow Jones

    26,501.60
    -157.51 (-0.59%)
     
  • DAX

    11,556.48
    -41.59 (-0.36%)
     
  • Hang Seng

    24,107.42
    -479.18 (-1.95%)
     
  • NIKKEI 225

    22,977.13
    -354.81 (-1.52%)
     

Google initiative warns of Android security flaws in non-Pixel devices

Jon Fingas
·Associate Editor
·1-min read

Google already has efforts to improve Android security, such as speeding updates and offering bug bounties, but it’s now ramping things up by disclosing flaws for software it didn’t write. The company has launched an Android Partner Vulnerability Initiative (via XDA-Developers) to manage security flaws it discovers that are specific to third-party Android devices. Google hopes to both “drive remediation” (read: prompt faster patch releases) and warn users about potential problems.

The company added that its initiative had already addressed a number of Android issues. It didn’t mention companies by name in a blog post, but a bug tracker for the program mentioned several manufacturers. Huawei had issues with insecure device backups in 2019, for example. Oppo and Vivo phones had sideloading vulnerabilities. ZTE had weaknesses in its message service and browser autofill. Other affected vendors included Meizu, chip maker MediaTek, Digitime, and Transsion.

Google notified all of the vendors before disclosing the flaws, and most if not all appear to have been fixed.

The move is a reminder to keep your device updated, of course, but it also applies pressure to Android partners — fix your flaws or the public will know that you didn’t. If that works, you’ll hopefully see a stronger emphasis on security across the Android ecosystem, not just from Google itself.