"Welcome everyone. Before the meeting begins, our company has prepared a report card for all partners and friends to summarize past achievements."
Dong Qi appeared in front of the stage and said this.
Yu Chengdong looked at it in surprise.
"Then the boy won't come out?"
Muttering in his mind, his attention was attracted by the content on the big screen behind Dong Qi.
“Due to the particularity of the open source Android system, users can install applications by themselves, bypassing all application security supervision mechanisms.
When our company conducted a comprehensive security check on Android mobile applications, we found:
Client vulnerability
60% of vulnerabilities are on the client side.
89% of vulnerabilities can be exploited without physical access.
56% of vulnerabilities can be exploited without administrator privileges.
Server side vulnerability
Server-side component vulnerabilities can exist both in application code and in application protection mechanisms.
Our company has fixed and optimized the following issues in the latest [Boundary Monument] update in 2019.
Insufficient transport layer security problem.
Encrypt and protect sensitive communications while ensuring information integrity and secure transmission. All connections that require authentication are encrypted.
Application cache data security measures are lacking.
All sensitive user data can be leaked from the application cache through the main application code or third-party frameworks. Devices can easily be lost or stolen; many users do not lock their devices. An attacker with direct access to the physical device can view the cached data.
[Boundary Monument] The threat model created based on hundreds of billions of attacks on the mobile Internet platform can prevent this situation from occurring.
User social software data cache, keyboard key cache, logging, copy or paste cache, application background, and browser cookie objects are all protected.
Administrator rights are causing problems.
After cooperating with major mobile phone manufacturers in 2017 and 2018, [Boundary Monument] fixed the vulnerabilities through the mobile phone system as follows:
After the mobile phone system is updated, it becomes impossible to connect to Bluetooth.
The mobile network correction traffic always times out but the text message has been sent.
The storage space is sufficient, but when installing the application, it shows that there is insufficient memory.
After system update, the resolution and font display are wrong.
A firmware update resulted in this malfunction.
…
The long list of vulnerability repair reports, as well as the last statistical table summarizing the vulnerability data of Android mobile phone systems, deeply shocked all mobile phone manufacturers present.
Among them, manufacturers that have not received the exclusive optimization of [Boundary Monument] have seen some errors that often occur in their own mobile phone systems in these loopholes.
The atmosphere in the conference room suddenly became dull.
Gao Nishi was really full of energy when he came, but when the report came out, his expression instantly darkened.
Especially in the end, when it comes to power control loopholes in mobile phone systems and screen display problems, they are all poking at the weaknesses of Korean stars.
He could even hear the R&D personnel of Jiuzhou Technology Company saying at work: "Without our [Boundary Monument], what is the use of your Hanxing system? Look at the leaks, you can't even repair them, I'm afraid there will be more Blow it up a few times.”
The open source of Android system has brought tens of thousands of programmers to enrich its functions, and also brought countless loopholes and BUGs.
Android mobile phone manufacturers are aware of these problems, and naturally other executives of Cuco and Pingguo are also aware of them.
Their expressions are very interesting. Although their eyes are serious, the curves in the corners of their mouths from time to time represent the activities in their hearts, not the seriousness shown on their faces.
But this expression didn't last long before disappearing.
"Although Pingguo Company has only cooperated with our company for one year, our software engineering department has also repaired many loopholes for Pingguo Company's Pingguo system. Although our company cannot Fixing deep system vulnerabilities, but also indirectly fixing vulnerabilities through external constraints.”
Dong Qi's business-like speech made some Pingguo executives who knew the internal secrets of their own system stop breathing.
Subsequently, the content on the big screen also confirmed what Dong Qi said was true.
There is a vulnerability in the FaceTime software in the IOS12.1.3 system version: when the user uses this function to make a call, the other party's voice can be heard before the other party answers the call or refuses to listen. When the user presses the power button, the phone will even The camera is sent to the other party’s mobile phone.
During the system migration and upgrade process, old vulnerabilities that had been patched were cracked again, causing users' phones to repeatedly check the devices connected to them.
When the user calls Siri, the mobile phone system will automatically monitor and store the voice sound waves in the current environment. After receiving an unknown signal, the camera can even be activated in a black screen state.
…
Taking off someone's underwear, maybe that's what it means.
Except for Pingguo Company, the other executives present all looked at Pingguo Kuco's position.
If some media published this thing, they wouldn't be worried, because this kind of "Pingguo loophole" news would have been spread all over the streets.
But if Jiuzhou Technology Company announced this vulnerability, they would not be able to sit idly by and ignore it.
Perhaps they were dissatisfied with Jiuzhou Technology Company's public relations and [Boundary Monument] business changes.
But they admire Jiuzhou Technology Company's system optimization and vulnerability repair capabilities, otherwise there would be no reason for some mobile phone manufacturers to postpone development in this area.
At this moment, the content of the report presented by Jiuzhou Technology Company simply told them clearly: the Pingguo system can be controlled by some forces and used as a spy tool.
How can this be allowed?
Just imagine, when they are holding a confidential meeting or a highly confidential business meeting internally, as long as one person brings a Pingguo mobile phone to the venue, it means that a third party may be monitoring the entire meeting.
That's a damn confidential meeting!
Kuko's expression was gloomy, but the shadows under his deep eye sockets made many people break into cold sweats.
Time seems to have stood still.
After a moment, he smiled bitterly and said: "Oh, these loopholes were created when the system architecture was originally built. Now as the system becomes more and more complex, it is difficult to repair.
I am very grateful to Jiuzhou Technology Company for its help in making our system more secure. We can purchase this service for 200 million US dollars. On behalf of Pingguo Company, I would like to express my sincere gratitude. "
Although Kuko's expression is relatively calm, some people with keen intuition have found that Kuko's language is a bit cumbersome and even has a grammatical disorder.
Dong Qi was on the stage. He pinched his thigh with his left hand behind the table, wiped the sweat from his palm, and then nodded slightly and said: "Pingguo Company is our company's partner in the [Boundary Monument] project. Naturally, we will provide your company with the same high-quality services as other partners.”
