Facebook, one of the world’s largest social media networks, is increasingly being accessed from mobile devices, which largely includes either iOS or Android. The service has 1.5 billion users that are constantly forming new relationships and contacting others over Facebook, and as a result, a heavy focus on security is required. The company is working to make sure its users are protected from any form of attack, but it seems one particular weakness is affecting an especially large portion of Facebook’s audience: outdated Android software.
Software engineer Alex Stamos works as Facebook’s head of security. Responsible for the security of the network’s massive user base, Stamos is keenly aware of the consequences of poor protection. Every day, any number of breaches may be waiting to happen, and it’s his job to make sure that users are kept safe from any damage. Naturally, this means that the more secure users are to start with, the less Stamos has to worry over potential harm from your run-of-the-mill hacker or even high-profile attacks.
However, it’s becoming increasingly difficult for users on Android hardware to stay up-to-date on the latest improvements in security from Google. Facebook’s user base is largely moving to a mobile-first experience, and this in itself is a risk for the company. Stamos points to mobile devices as his single greatest worry. On Wednesday’s Irish tech conference Web Summit, Stamos explained that the new availability of inexpensive handsets has left a significant portion of Facebook’s user base susceptible to hacking. Most of these devices are running some version of Android software, usually due to the platform’s low cost for manufacturers. As a result of economical devices, even users with little disposable income are finding their way to Facebook and connecting with the over a billion others already a part of the network.
While this cheap technology is all well and good, security takes a back seat when manufacturers are looking to cut down on costs. Updating and supporting the most inexpensive handsets to the latest Google release of Android usually proves too much for companies to handle, and as a result, Facebook users are left more vulnerable than ever. Also, in the competitive world of Android hardware, many smaller manufacturers are finding themselves forced out of business and unable to support any of their hardware. While Android has become the world’s most successful mobile OS in terms of market share, “there are hundreds of millions of Android devices that will never be patched,” says Stamos.
The nature of Android means that outdated software has become a concern for many companies like Facebook, as well as users themselves. While Google may have squashed a bug long ago, some devices will never update and will instead stay susceptible to opportunist hackers. As a result, anything from identity theft to financial fraud is a very real dangers for millions.