ACLU files complaint against mobile carriers


Helen Martin

Virus Bulletin, UK
Editor: Helen Martin


Complaint lodged against mobile phone carriers for failing to warn users about Android security flaws.

The American Civil Liberties Union (ACLU) has filed a complaint with the US Federal Trade Commission (FTC) against US mobile phone carriers for failing to warn their users about critical security flaws in the Android operating system running on their phones.

The ACLU has asked the FTC to investigate AT&T, Verizon, Sprint and T-Mobile, whose phones do not receive critical software security updates, thus exposing consumers and their private data to cybersecurity-related risks.

Despite the fact that the Android operating system dominates the smartphone market, the majority of mobile devices running the software are running out-of-date versions – often with known critical vulnerabilities.

Although Google fixes flaws in the operating system on a regular basis, patches are not issued to consumers by the mobile carriers and device manufacturers – the more profitable route for them being to encourage users to upgrade to the latest device. As a result, the vast majority of Android users will not be running the latest version.

In its complaint, the ACLU argues that the major wireless carriers have engaged in ‘unfair and deceptive business practices’ by failing to warn their customers about known, unpatched security flaws in their mobile devices.

The full complaint can be read at



Latest articles:

VB2018 paper: Lazarus Group: a mahjong game played with different sets of tiles

The number of incidents attributed to the Lazarus Group, a.k.a. Hidden Cobra, has grown rapidly since its estimated establishment in 2009. In this paper, ESET researchers Peter Kalnai and Michal Poslusny look at various cells within the group, that…

VB2018 paper: Fake News, Inc.

As the world grapples with massive disinformation campaigns waged by the intelligence agencies of hostile nations, we should not forget that such activities are not limited to the purview of the Bears or Pandas of the world, and that even relatively…

Alternative communication channel over NTP

Nikolaos Tsapakis explores Network Time Protocol (NTP) as an alternative communication channel, providing practical examples, code, and the basic theory behind the idea.

VB2018 paper: Under the hood: the automotive challenge

In an average five-year-old car, there are about 30 different computers on board. In an average new car, there are double that number, and in some cases up to 100. That’s the size of network an average SMB would have, only there’s no CIO/CISO, and…

VB2018 paper: Android app deobfuscation using static-dynamic cooperation

Malicious Android applications are quite common, and can even be found from time to time in the Google Play Store. Thus, a lot of work has been done in both industry and academia on Android app analysis, and in particular, static code analysis. One…

Bulletin Archive

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.