23
Jul
image

We've all read the horror stories: a new virus is crawling through the third-party stores, aiming to steal your personal information, identity, and first born child. More often than not, this type of malicious app is made possible because of one of the various root vulnerabilities that have been discovered throughout the various versions of Android.

X-Ray is a new app that lets you see exactly how vulnerable your device is by scanning it against several of these exploits, including RageAgainstTheCage, Gingerbreak, Mempodroid, Levitator, and a few more.

It's extremely easy to use: simply install it and run a scan. It will run through each exploit in a matter of minutes and display whether or not the device is vulnerable. Here's an example of the output I got on my Galaxy Nexus running CM9 RC2:

Screenshot_2012-07-23-11-04-15 Screenshot_2012-07-23-11-05-57

As you can see, the device is protected against all but one vulnerability (Mempodroid), which I assume will now be patched in the final version of CM9.

But what can be done with this information one you get it? Unfortunately, not much; especially for those still running stock software. In order to patch any exploits that the device may be vulnerable to, the carrier will have to send out an OTA update with a fix. What you can do with the information made available by this application, however, is have hard evidence that there is a security risk in your device and go to your carrier with the information. Whether or not they'll actually do something about it, though, is another story entirely. This will also help custom ROM cookers find the weak spots in their build to make a more secure ROM.

Ultimately, it's good to know what exploits, if any, your device is vulnerable to. The more you know, the easier it is to keep your device protected.

X-Ray is completely free (but not in the Play Store), so head here for more information and here directly from your device to grab the download.

Cameron Summerson
Cameron is a self-made geek, Android enthusiast, horror movie fanatic, musician, and cyclist. When he's not pounding keys here at AP, you can find him spending time with his wife and kids, plucking away on the 6-string, spinning on the streets, or watching The Texas Chainsaw Massacre on repeat.

  • http://twitter.com/rohanXm Rohan Mathur

    Just wanted to say that Jellybean is indeed more secure than ICS, my system is not vulnerable to any.

  • http://twitter.com/rohanXm Rohan Mathur

    Just wanted to say that Jellybean is indeed more secure than ICS, my system is not vulnerable to any.

  • http://twitter.com/rohanXm Rohan Mathur

    Just wanted to say that Jellybean is indeed more secure than ICS, my system is not vulnerable to any.

  • http://twitter.com/wstrmn Marc

    ON Paranoid ROM witch is baed on AOKP there is also the same risk detected with Mempodroid.

  • http://twitter.com/wstrmn Marc

    ON Paranoid ROM witch is baed on AOKP there is also the same risk detected with Mempodroid.

  • juxli125

    im on Gnex / cm10 with jelly belly kang and everything is OK :)

  • juxli125

    im on Gnex / cm10 with jelly belly kang and everything is OK :)

  • juxli125

    im on Gnex / cm10 with jelly belly kang and everything is OK :)

  • http://www.androidpolice.com/ Artem Russakovskii

    EVO LTE stock-based Fresh ROM not vulnerable to any.

    Props to Duo Security for releasing this.

  • Tzeench

    And how do we know this app isn't "aiming to steal your personal information, identity, and first born child"?

    • username_already_exists_error

      one of the founders of duosecurity is dug song. if you know about of his previous projects like openssh, openbsd, honeynet and the likes, you wouldn't ask that question.

      • http://www.facebook.com/profile.php?id=1745689461 Hal Motley

        OpenBSD says it all, that OS (BSD Variant) is designed to be as secure as possible!

  • Carlos Oliveira

    Using the ROM AndroidME with JB 4.1.1 and completely secure ^^

  • priority9

    Guess it is a very popular app. " This application is temporarily over its serving quota. Please try again later."

  • http://twitter.com/Chris_Padar Chris_Padar

    Is there a mirror somewhere? The developer seems to have exceeded their download bandwidth already.

  • Amer Khaznadar

    Is it wrong that I actually prefer it if stock ROMs were vulnerable? I kind of prefer to have an easy root solution available.

  • http://profiles.google.com/roland.kohn Roland Kohn

    Asus TF300 - rooted stock ROM: Vulnerable against Gingerbreak

  • http://www.facebook.com/mrlarge863 Jøey Pallares

    Hurray
    My rooted/stock Motorola Photon is exploit free no vulnerabilities found!
    Thanx Xray....Great App!

  • Melissa Peterson

    My rooted HTC One, still running the stock Sense ROM has none of these vulnerabilities.