Whether to be frightened or not from ‘Stagefright’ bug
Software bugs are something associated with software since somewhere around mid ‘50s when a moth accidentally got inside the system and caused the error, since then whenever there any software coding error or glitch occurs, it is called ‘bug’. There are thousands of bugs our software world has witnessed till the date; some of them, had kept the developers sleepless days and days out while many of them got mitigated with ease.
The prevalence of bugs can better understand by the statistics availed by a study which says that it eat out more than $80 billion every year. Application bugs are like a nightmare for app development companies as it causes them huge amount of time. The purpose to provoke such a bug-full topic is that, we smartphone users are confronting a mighty bug since last couple of months named ‘Stagefirght’. The bug is severally frightening and has the potentiality to jeopardize the private data stored in your phone substantially. Thus, it becomes quite important for us to have some knowledge regarding the bug and how we can prevent it from infringing into our phones.
A remotely exploitable software bug known as stagefright, particularly capable of affecting the android OS devices adversely, after 2.2 Froyo versions. It lies in an android system quietly without getting into the eyes of the user. The attack is made through the deployment of a video in the form of MMS under ‘libStageFright’ mechanism as android system is accustomed to process video conveniently. There are numerous text messaging apps such as Hangout, WhatsApp, Facebook Messenger etc available except default texting feature of the phone. These apps are configured to download videos automatically, the moment they get received, so when users open this video to watch, they unknowingly open gateway for the stagefight.
Joshua Drake, VP of platform research and exploitation, at digital security firm Zimperium had drawn the attention of Google in April this year regarding serious vulnerabilities in android system which caused by stagefright. Drake and R&D team of Zimperium has created a sample code to demonstrate, how the bug tends to utilize the stagefright media library’s most crucial vulnerability, via initiating an MP4 prepared through Python script. This enables the attackers with a reverse commandshell by which they can control the device completely and run several commands reluctantly. Source mentioned that attackers can control the device to that extent that they can listen on call conversation or even click images from any distant location.
Certain measures are taken collaboratively by Google as well as other app development community to mitigate with the bug at the earliest stage, before it becomes fierce issue globally. Since the stagefright has the capabilities to compromise national security. Until the appropriate cure is being provided systematically, app development companies should be aware of the bug and act accordingly. Contact App Development Companies for bug free Mobile Applications on each and every platform.