Friend
Professional
- Messages
- 2,653
- Reaction score
- 860
- Points
- 113
Google and Samsung's new file sharing service may become a target for hackers.
Google's Quick Share is a feature-rich utility for sharing data between Android, Windows, and Chrome OS devices. It uses a wide range of communication protocols, including Bluetooth, Wi-Fi, Wi-Fi Direct, WebRTC, and NFC, enabling fast and convenient file transfer between compatible devices located in the immediate vicinity.
Initially, Google developed Nearby Share as an analog of Apple's AirDrop. In July 2023, the company released a version for Windows, expanding cross-platform exchange capabilities. However, in January 2024, Google announced the merger of Nearby Share with Samsung's Quick Share technology, creating a single solution called Quick Share for Android users. What's more, Google is partnering with manufacturers like LG to integrate the new version of Quick Share as a pre-installed app on Windows PCs.
Despite the apparent simplicity of the concept of transferring files between devices, the implementation of such a system is a complex technical task. Given that this is Google's first attempt to develop a native Windows application with support for multiple communication protocols and functionality that goes beyond their core competence in web services, questions arise about potential vulnerabilities in the Windows version.
Despite the apparent simplicity of file transfer, the development of such software is associated with a number of difficulties. In a recent study presented at the DEF CON 32 conference in 2024, experts identified 10 unique vulnerabilities in the Windows version of Quick Share. These vulnerabilities allow attackers to perform remote code execution (RCE) on devices, which can pose a serious threat to users.
Most of the Quick Share code for Windows is publicly available, which makes the application potentially vulnerable to attacks. In this regard, it is important to take data protection measures, especially if the application will be pre-installed on new PCs.
Google and Samsung have already started working on fixing the identified vulnerabilities and have called on all device manufacturers and software developers to take part in protecting user data.
Source
Google's Quick Share is a feature-rich utility for sharing data between Android, Windows, and Chrome OS devices. It uses a wide range of communication protocols, including Bluetooth, Wi-Fi, Wi-Fi Direct, WebRTC, and NFC, enabling fast and convenient file transfer between compatible devices located in the immediate vicinity.
Initially, Google developed Nearby Share as an analog of Apple's AirDrop. In July 2023, the company released a version for Windows, expanding cross-platform exchange capabilities. However, in January 2024, Google announced the merger of Nearby Share with Samsung's Quick Share technology, creating a single solution called Quick Share for Android users. What's more, Google is partnering with manufacturers like LG to integrate the new version of Quick Share as a pre-installed app on Windows PCs.
Despite the apparent simplicity of the concept of transferring files between devices, the implementation of such a system is a complex technical task. Given that this is Google's first attempt to develop a native Windows application with support for multiple communication protocols and functionality that goes beyond their core competence in web services, questions arise about potential vulnerabilities in the Windows version.
Despite the apparent simplicity of file transfer, the development of such software is associated with a number of difficulties. In a recent study presented at the DEF CON 32 conference in 2024, experts identified 10 unique vulnerabilities in the Windows version of Quick Share. These vulnerabilities allow attackers to perform remote code execution (RCE) on devices, which can pose a serious threat to users.
Most of the Quick Share code for Windows is publicly available, which makes the application potentially vulnerable to attacks. In this regard, it is important to take data protection measures, especially if the application will be pre-installed on new PCs.
Google and Samsung have already started working on fixing the identified vulnerabilities and have called on all device manufacturers and software developers to take part in protecting user data.
Source
