Technology: breaking the hegemony that monopolizes the world

Chapter 208 Vulnerabilities in the two major systems

"Welcome everyone. Before the meeting, our company prepared a report card for all partners and friends to summarize the past achievements."

Dong Qi appeared in front of the stage and said so.

Yu Chengdong glanced in surprise.

"The kid won't come out?"

With a mutter in his heart, his attention was attracted by the content on the big screen behind Dong Qi.

"Due to the particularity of the open source of the Android system, and users can bypass all application security supervision mechanisms to install applications by themselves.

When our company conducted a comprehensive security inspection of Android-based mobile applications, we found that:

client vulnerability

60% of vulnerabilities are on the client side.

89% of vulnerabilities can be exploited without physical access.

56% of vulnerabilities can be exploited without administrator privileges.

Server Vulnerabilities

Server-side component vulnerabilities can exist both in application code and in application protection mechanisms.

Our company has fixed and optimized the following issues in the latest [Boundary Monument] update in 2019.

Insufficient transport layer security issues.

On the premise of ensuring the integrity of information and secure transmission, encrypt and protect sensitive communications, all connections that require authentication are encrypted,

App cache data security measures are lacking.

Sensitive data owned by the user can leak from the application cache through the main application code or third-party frameworks. Devices can be easily lost or stolen; many users do not lock their devices. An attacker who has direct access to the physical device can view the cached data.

[Boundary Monument] The threat model created based on hundreds of billions of attacks on the mobile Internet platform can prevent this from happening.

User social software data cache, keyboard keystroke cache, logging, copy or paste cache, application background, browser cookie objects are all protected.

Admin rights are causing the problem.

After cooperating with major mobile phone manufacturers in 2017 and 2018, [Boundary Monument] repaired the following vulnerabilities through the mobile phone system:

After the mobile phone system is updated, the bluetooth cannot be connected.

The mobile phone network correction traffic always times out but the SMS has been sent.

The storage space is sufficient, but when installing the application, it shows insufficient memory.

After the system is updated, the resolution is wrong and the fonts are displayed wrongly.

A firmware update upgrade caused this malfunction.

...

A long list of bug fix reports, as well as the last statistical table summarizing the bug data of the Android mobile phone system, deeply shocked all the mobile phone manufacturers present.

Among them, manufacturers who have not received the exclusive optimization of [Boundary Monument] have seen some errors that often occur in their own mobile phone systems through these loopholes.

The atmosphere in the conference room suddenly became dull.

When Gao Xizhen came, he was very aggressive, but when the report was released, his expression immediately became gloomy.

Especially for the power control loopholes of the mobile phone system and screen display problems in the end, both of them are poking at the weaknesses of Korean stars.

He could even hear the R\u0026D personnel of Kyushu Technology Company say at work: "Without our [Boundary Monument], what is the use of your Han Xing system? Look at the leak, you can't even fix these, I'm afraid you will have to do it again." Fry a few times."

The open source of the Android system has brought tens of thousands of programmers to enrich its functions, and also brought countless loopholes and bugs.

Android mobile phone manufacturers are aware of these problems, and other executives of Kuco and Pingguo are naturally aware of these problems.

Their expressions are very interesting. Although their eyes are very serious, the arcs at the corners of their mouths from time to time represent the activities in their hearts, not the seriousness shown on their faces.

It's just that this expression didn't last long before it disappeared.

"Although Pingguo Company has only cooperated with our company for one year, our software engineering department has also repaired many loopholes for Pingguo Company's Pingguo system. Although due to your company's strict protection of the system core, our company cannot Fixes deep systemic vulnerabilities, but also indirectly fixes vulnerabilities through external constraints."

Dong Qi's official speech made some Pingguo executives who knew the secrets of their own system stagnate.

Later, the content on the big screen also confirmed what Dong Qi said was true.

There is a loophole in the FaceTime software in the IOS12.1.3 system version system: when the user uses this function to make a call, he can hear the other party’s voice before the other party answers the call or refuses to listen. When the user presses the power button, the phone will even transfer The camera is sent to the other party's mobile phone.

During the system migration and upgrade process, the old vulnerabilities that had been patched were cracked again, causing users' mobile phones to repeatedly check the devices connected to them.

When the user invokes Siri, the mobile phone system will automatically monitor and store the voice sound waves of the current environment. After receiving an unknown signal, it can even start the camera in a black screen state.

...

Picking up people's underpants, maybe that's what it means.

Except for Pingguo Company, the other executives all looked at Pingguo Kuke's position.

If some media publishes this, they won't be worried, because this kind of "Pingguo loophole" news has already spread all over the street.

But if the Kyushu technology company announced this loophole, they would not be able to sit idly by.

Perhaps they are very dissatisfied with Kyushu Technology's public relations and [Boundary Monument]'s business changes.

But they admire Kyushu Technology's system optimization and vulnerability repair capabilities, otherwise there would be no reason for some mobile phone manufacturers to delay development in this area.

At this moment, the content of the report presented by Kyushu Science and Technology Company simply told them clearly: the Pingguo system can be manipulated by some forces and used as a tool for espionage.

How can this be allowed?

Just imagine, when they hold a confidential meeting or a highly confidential business meeting internally, as long as one person enters the venue with a Pingguo mobile phone, it means that the meeting may be monitored by a third party throughout the meeting.

That secretive meeting while riding a horse!

Ku Ke's expression was uncertain, but the shadows under the deep eye sockets made many people break out in cold sweat.

Time seemed to stand still.

After a while, he smiled wryly and said, "Oh, these loopholes were created when the system architecture was first built, and now the system is getting more and more complicated, so it's not easy to fix.

I am very grateful for the help of Kyushu Technology Co., Ltd. to make our system more secure. This service can be purchased for 200 million US dollars. On behalf of Pingguo Company, I would like to express my sincere thanks. "

Although Ku Ke's expression was quite calm, some people with keen intuition found that Ku Ke's language was a bit cumbersome and even had language problems.

Dong Qi was on the stage, pinched his thigh with his left hand behind the table, then wiped the sweat on his palm, then nodded slightly and said: "Pingguo Company is our company's partner in the [Boundary Monument] project, our company Naturally, we will provide your company with the same high-quality service as other partners.”

PS: The content of this book is purely fictitious, please do not over-interpret it.

Thank you for your recommended tickets and monthly tickets, I wish you all a happy Mid-Autumn Festival~

Tap the screen to use advanced tools Tip: You can use left and right keyboard keys to browse between chapters.

You'll Also Like