Cambridge paper shows that LG is better than other OEMs when it comes to security


According to a paper recently published by the UK's University of Cambridge, not all Android smartphone makers are equal when it comes to the security of their devices.

After looking for known security vulnerabilities in 20,000 Android devices, Cambridge researchers Daniel Thomas, Alastair Beresford, and Andrew Rice found that about 87% of all Android smartphones are currently exposed to at least one known security bug. 

This ratio doesn't come as shocking news in the light of the recent Stagefright exploits, thought to affect nearly all Android smartphones currently at the time of their discovery. However, what's particularly interesting about this paper is that an analysis at the manufacturer level reveals that some companies do a better job at maintaining the cyber security of their smartphones.

After Stagefright was uncovered, the breadth of the exploits initiated a security-minded campaign among Android smartphone makers. Spearheaded by Google, who was the first to promise monthly Android security updates, the initiative was since adopted by major phone makers such as Samsung and LG. On the opposite side of the spectrum, HTC found that while the desire to improve the security of Android smartphones is admirable, monthly security are not a viable solution, pointing out to wireless carriers as the main bottleneck.

At the rate exploits are being uncovered in the Android ecosystem, timely patches for well-known bugs are crucial to the vulnerability of a device. According to the Cambridge researchers, however, the average Android smartphone only receives 1.26 security updates per year, which is well below the one-per-month ratio that Google and its partners are trying to achieve.

Although carriers are often blamed for being very slow to push out updates, it looks like smartphone makers could also improve on their response time. To compare the security levels offered by various smartphone makers, the team of Cambridge researchers came up with an intelligent composite score called FUM. This score has three components: the ratio of devices safe from known critical vulnerabilities, the ratio of devices updated to the most recent Android version, and the number of vulnerabilities that the manufacturer hasn't patched on any device.

The FUM scores, published at AndroidVulnerabilities.com, unsurprisingly reveals that devices from the Google Nexus family are generally less vulnerable to known exploits. It's the perfect example of how getting Android updates right from Google can help speed up the patching process. Out of the major smartphone makers, companies that actually manufacture their own devices, LG has the best FUM score, followed by Motorola, Samsung, Sony, HTC, and ASUS. 

You can browse for more details about known vulnerabilities for each manufacturer, and even contribute to the project by downloading an app that checks your smartphone for known bugs by heading over to the source link below.

FEATURED VIDEO

19 Comments

1. zeeBomb

Posts: 2318; Member since: Aug 14, 2014

But does LG come better when it goes to their UI? Heeelllll nawwww

5. elitewolverine

Posts: 5192; Member since: Oct 28, 2013

launchers

16. jessyi

Posts: 327; Member since: Jan 08, 2015

I love LG UI the most customizable. Very colorful,fluid.touchwiz look the same evry year just like apple..their UI look stale already for me.

21. sharks

Posts: 236; Member since: Feb 16, 2013

Knowing PhoneArena's fanboism, i almost misread the title as: "Cambridge paper shows that SAMSUNG is better than other OEMs when it comes to security". For once, it's good to see LG get some spotlight for its tenacious fight against its domestic mammoth rival in the last few years when other manufacturers, like HTC and Sony, are failing or making losses. I especially applaud LG for being the first major brand to choose the Snapdragon 808 over the 810 in its flagship device, which is the most sensible choice given other manufacturers who persisted to offer the latest and "greatest" 810 which ultimately ruined their flagship devices due to overheating.

17. AndroidStuff

Posts: 47; Member since: Feb 24, 2014

those who talk about LG Ui are the people who never used it. Just look at the UX 4.0 and then comment out kid :-)

4. Ezio2710

Posts: 548; Member since: Aug 22, 2015

This link shows that PA is worse than other sites

6. Commentator

Posts: 3722; Member since: Aug 16, 2011

8. zeeBomb

Posts: 2318; Member since: Aug 14, 2014

Samsung, Sony and other brands be like: "we made it! We beat apple"

9. Commentator

Posts: 3722; Member since: Aug 16, 2011

About time, although looking back historically they've been trading blows for a long time. Good for the customer! Bad for the fanboy (because the stress takes years off his life). Another insight from that article: if the Nexus 5X camera is anything like the Nexus 5P (and they're supposed to be the exact same sensor) I'll be one happy Nexus 5X owner in a couple weeks!

3. Commentator

Posts: 3722; Member since: Aug 16, 2011

Those damn Walton phones...

7. Commentator

Posts: 3722; Member since: Aug 16, 2011

"Source link? We ain't got no source link. We don't need no source link. I don't have to show you any stinkin' source link!" -PA Love that line!

12. legiloca

Posts: 1676; Member since: Nov 11, 2014

I'm probably considering a Nexus device in the future.. maybe a Nexus 5 would do

15. BobbyBuster

Posts: 854; Member since: Jan 13, 2015

Congrats Sammy, you succeeded in scoring more than half of Nexus'.

18. Astonvan

Posts: 237; Member since: Aug 14, 2015

Losers like you should STFU

20. hanabi

Posts: 177; Member since: Oct 08, 2015

I hope G5 comes out with nice design like v10

* Some comments have been hidden, because they don't meet the discussions rules.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.