Android owners that have a habit of getting infected or fear that something may harm the device, without their knowledge, may want to use X-Ray. This Android application is not a standard anti-virus client which can be fooled through classic methods, but a software that has learned from others mistakes and performs quite well against security vulnerabilities and other hazardous threats.
Developed by Duo Security experts, X-Ray can scan an Android device and detect most vulnerabilities which are invisible to the untrained eye and which can be fixed by requesting a patch from your carrier. You see, most Android handsets out there come with a long list of things that should be improved when it came to security, and although both the carrier and Google itself may be aware of the glitch, they stand aside and leave a door open for sneaky malwares. Using X-Ray, users can become aware of such flaws and take the appropriate action in order to keep the device secure.
How does X-Ray work?
First of all, X-ray is not an ordinary anti-virus software that compares the signature of applications and if mismatches have been found, tags it as infected. This Android security software actually scans the device itself and the operating system to determine whether there are vulnerabilities that remained unpatched by your carrier. These vulnerabilities are usually known as “privilege escalation” threats and can be simply pictured as shortcuts which malwares can use to gain advantages such as root access on a device.
Once a malware gains administrative rights, it can alter every bit of information handled by the terminal, including the distribution of paid text messages, call scenarios and private data as passwords and such. Plain and simple, the permission list you agree to when installing an application from Google Play can be modified using privilege escalations to include every possible action which a smartphone could perform.
Why do such vulnerabilities exist?
Although Google tries is best to tie any loose strings, just like Microsoft did with its former Tuesday Patch Day on Windows, the process of serving updates to millions of users is not facile. Once a new threat is discovered and Google develops a workaround, it sends the information to carriers for distribution. They have to add their own piece of software above the patch and to serve the new Android version to all compatible clients.
Now in this last step of the procedure usually hiccups are encountered. You see, why add a security patch in Android 2.3 Gingerbread and deliver it while a brand new shiny device with Android 4.0 is ready to be sold? It would harm their profits and considering the fact that capitalism is the new religion, it would be a sin to do so.
How to use X-Ray
Although Google has opposed to letting such applications inside the Google Play market, X-Ray can be safely downloaded from the official website. Here’s what you need to do first:
- Allow non-market apps to be installed by going to Settings -> Applications (or Security for some versions) and by checking the “Unkown Sources” box.
- Now from your mobile terminal open this link or use the QR code attached aside.
- Install the application just like any other and perform a quick scan.
- A list will be displayed will all the detected vulnerabilities.
Once you’ve found that the device is not quite stable, here’s what you can do:
- Check for a system update by going to Settings -> About Phone -> System updates.
- Install a custom ROM like CyanogenMod which uses a newer Android version than the one currently installed. Usually, once Google releases a new OS version most vulnerabilities are patched.
- Contact the carrier and ask him when an update for your device will be available, one which should fix your problems.
- If all the above fail, stay away from untrusted applications.