Originally seen on: Zdnet by Charlie Osborne, February 7th, 2019
Be careful if you are sent an image from a suspicious source.
Opening a cute cat meme or innocent landscape photo may seem harmless enough, but if it happens to be in a .PNG format, your Android device could be critically compromised due to a new attack.
In Google’s Android security update for February, the tech giant’s advisory noted a critical vulnerability which exists in the Android operating system’s framework.
All it takes to trigger the bug is for attackers to send a crafted, malicious Portable Network Graphic (.PNG) file to a victim’s device. Should the user open the file, the exploit is triggered.
Remote attackers are then able to execute arbitrary code in the context of a privileged process, according to Google.
Android versions 7.0 to 9.0 are impacted.
There are no current reports of the vulnerability being exploited in the wild. However, given the ease in which the bug can be exploited, users should accept incoming updates to their Android builds as soon as possible.
As vendors utilizing the Android operating system roll out security patches and updates at different rates, Google has declined to reveal the technical details of the exploit to mitigate the risk of attack.
Google’s bulletin also outlined remote code execution flaws impacting the Android library, system files, and Nvidia components. Elevation of privilege and information disclosure security holes have also been resolved.
Source code patches for the .PNG issue, alongside other security problems raised in the bulletin, have also been released to the Android Open Source Project (AOSP) repository.
In January, researchers revealed the existence of a new malvertising group called VeryMal. The scammers specifically target Apple users and bury malicious code in digital images using steganography techniques to redirect users from legitimate websites to malicious domains controlled by the attackers.
Originally Seen: TechTarget April 2018
The latest update on AT&T’s mobile 5G network trials indicates the company will need to work faster to meet its goal of launching a commercial service by the end of the year.
AT&T’s latest update on its mobile 5G trials indicates the carrier has significant hurdles to clear to achieve its goal of launching by the end of the year a commercial service based on the high-speed wireless technology.
AT&T published this week a blog describing its progress in the mobile 5G network trials in Austin and Waco, Texas; Kalamazoo, Mich.; and South Bend, Ind. The company started the tests roughly 18 months ago in Austin, adding the other cities late last year.
AT&T, along with Verizon and other carriers, is spending billions of dollars to develop fifth-generation wireless networks for business, consumer and internet of things applications. But the latest metrics published by AT&T were not what analysts would expect from technology for delivering mobile broadband to smartphones, tablets and other devices.
Chris Antlitz, analyst, Technology Business Research Inc.
“When I look at how AT&T is characterizing these tests, it doesn’t look like mobile 5G to me,” said Chris Antlitz, an analyst at Technology Business Research Inc., based in Hampton, N.H.. “It seems like there are some inconsistencies there.”
AT&T plans to deliver mobile 5G over the millimeter wave (mmWave) band, which is a spectrum between 30 gigahertz (GHz) and 300 GHz. MmWave allows for data rates up to 10 Gbps, which comfortably accommodates carriers’ plans for 5G. But before service providers can use the technology, they have to surmount its limitations in signal distance and in traveling through obstacles, like buildings.
AT&T’s mobile 5G network challenges
AT&T’s update indicates mmWave’s constraints remain a challenge. In Waco, for example, AT&T delivered 5G to a retail business roughly 500 feet away from its cellular transmitter. That maximum distance would require more transmitters than the population outside of major cities could support, Antlitz said.
AT&T, however, could provide a fixed wireless network that sends a 5G signal to residences and businesses as an alternative to wired broadband, Antlitz said. AT&T rival Verizon plans to offer that product by the end of the year.
Other shortcomings include AT&T’s limited success in sending a 5G signal from the cellular transmitter through the buildings, trees and other obstacles likely to stand in the way of its destination. In the trial update, AT&T said it achieved gigabit speeds only in “some non-line of sight conditions.” A line of sight typically refers to an unobstructed path between the transmitting and receiving antennas.
Distance and piercing obstacles are challenges for any carrier using mmWave for a mobile 5G network. Buildings and other large physical objects can block the technology’s short, high-frequency wavelengths. Also, gases in the atmosphere, rain and humidity can weaken mmWave’s signal strength, limiting the technology’s reach to six-tenths of a mile or less.
AT&T’s achievement in network latency also falls short of what’s optimal for a mobile 5G network. The carriers’ 9 to 12 milliseconds seem “a little high,” Antlitz said. “I would expect that on LTE, not 5G. 5G should be lower.”
While AT&T has likely made some progress in developing mobile 5G, “a lot of work needs to be done,” said Rajesh Ghai, an analyst at IDC.
Delays possible in AT&T, Verizon 5G offerings
Meanwhile, Verizon is testing its fixed wireless 5G network — a combination of mmWave and proprietary technology — in 11 major metropolitan areas. So far, the features Verizon has developed places the carrier “fairly far ahead of AT&T in terms of maximizing the capabilities of 5G,” Antlitz said.
Nevertheless, neither Verizon nor AT&T is a sure bet for launching a commercial 5G network this year.
“Some of this stuff might wind up getting pushed into 2019,” Antlitz said. “There are so many things that could throw a monkey wrench in their timetable. The probability of something doing that is very high.”