More than half of Android phones are vulnerable to encryption bypass

A newly revealed vulnerability on Android phones is able to bypass the full disk encryption on over half of devices. The attack, demonstrated by Israeli security researcher Gal Beniamini, can allow an attacker to break through the levels of trust and privileges that are intended to ensure only legitimate code can access secret material, such as DRM keys or disk encryption keys. Although the attack was patched in the May security update, two-factor authentication specialist Duo Security says that only 43 percent of Android devices are patched and safe from this type of attack, leaving 57 percent still at risk.… [Continue Reading]