dcsimg

Android Tablet Security Analysis for the 2014 Holidays

  • Android Tablet Security Analysis for the 2014 Holidays-

    In addition to findings from Trustable, Bluebox Labs also ran a few popular antivirus/malware scanners on the tablets.  A few tablets came loaded with known Adware/Riskware. They also encountered a version of Angry Birds that came loaded on one tablet that was resigned by the device vendor. This means the vendor could have modified Angry Birds to collect more information than the authors originally intended to. This also precludes the version of Angry Birds on the tablet from ever receiving updates from the original developer, as the signing keys are different.

    You Get What You Pay For

    These results may be surprising to non-Android enthusiasts, but to be honest, Bluebox Labs routinely encounters these ongoing types of security problems with lower-budget Android device vendors.  The same situation occurs with inexpensive Android phones bought from eBay and other international marketplaces, etc.

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17

Android Tablet Security Analysis for the 2014 Holidays

  • 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17
  • Android Tablet Security Analysis for the 2014 Holidays-16

    In addition to findings from Trustable, Bluebox Labs also ran a few popular antivirus/malware scanners on the tablets.  A few tablets came loaded with known Adware/Riskware. They also encountered a version of Angry Birds that came loaded on one tablet that was resigned by the device vendor. This means the vendor could have modified Angry Birds to collect more information than the authors originally intended to. This also precludes the version of Angry Birds on the tablet from ever receiving updates from the original developer, as the signing keys are different.

    You Get What You Pay For

    These results may be surprising to non-Android enthusiasts, but to be honest, Bluebox Labs routinely encounters these ongoing types of security problems with lower-budget Android device vendors.  The same situation occurs with inexpensive Android phones bought from eBay and other international marketplaces, etc.

BlueboxTabletSecurityReviewKey

Without a doubt, tablets will be a hot item this holiday season. Retailers from Best Buy, Wal-mart, Target, Kohl's and Staples are hard at work offering can't-miss deals this holiday for a host of "bargain" Android tablets. But how much of a deal are you really getting?

Bluebox Labs recently purchased over a dozen tablets featured in this year's Black Friday extravaganzas (most under $100) and reviewed each of them for security. What they found was shocking and quite terrifying. Many of the devices shipped with vulnerabilities and security misconfigurations – a few even had security backdoors.

We know that the product quality and features on inexpensive tablets are less than more expensive tablets. But Android is Android, and the software running on these tablets should offer the same secure Android experience as other Android devices. Alas, the device vendor makes many decisions when constructing an Android tablet, and some of those decisions can drastically affect the overall security and long-term trustability of the device.

The amount of security variation in Android devices is so large that Bluebox Labs recently released the free Trustable by Bluebox Android application to discover and measure all of the security aspects of a device. The Trustable by Bluebox app produces an overall Trust Score, which provides an indication on how trustable the device is compared to other available Android devices. You can read all about how they compute a Trust Score here and give the Trustable by Bluebox app a try by downloading it from Google Play.