It appears you have not yet registered with our community. To register please click here...

Go Back [M] > Madshrimps > WebNews
Bluebox reveals Android security hole Bluebox reveals Android security hole
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Bluebox reveals Android security hole
Thread Tools
Old 4th July 2013, 08:06   #1
[M] Reviewer
Stefan Mileschin's Avatar
Join Date: May 2010
Location: Romania
Posts: 96,443
Stefan Mileschin Freshly Registered
Default Bluebox reveals Android security hole

Researchers at Bluebox Security have revealed a disturbing flaw in Android's security model, which the group claims may affect up to 99 percent of Android devices in existence. According to Bluebox, this vulnerability has existed since Android 1.6 (Donut), which gives malicious app developers the ability to modify the code of a legitimate APK, all without breaking its cryptographic signature -- thereby allowing the installation to go unnoticed. To pull off the exploit, a rotten app developer would first need to trick an unknowing user into installing the malicious update, but hackers could theoretically gain full control of a user's phone if the "update" posed as a system file from the manufacturer.

Bluebox claims that it notified Google of the exploit in February. According to CIO, Bluebox CTO Jeff Forristal has named the Galaxy S 4 as the only device that's currently immune to the exploit -- which suggests that a security patch may already exist. Forristal further claims that Google is working on an update for its Nexus devices. In response to our inquiry, Google told us that it currently has no comment. We certainly hope that device manufacturers do the responsible thing and distribute timely security patches to resolve this issue. Absent that, you can protect yourself by installing updates through the Play Store and Android's built-in system update utility. ign=Engadget
Stefan Mileschin is offline   Reply With Quote

Similar Threads
Thread Thread Starter Forum Replies Last Post
Oracle Reveals Plans for Java Security Improvements Stefan Mileschin WebNews 0 3rd June 2013 10:57
Hacks labelled hackers for finding security hole Stefan Mileschin WebNews 0 22nd May 2013 08:01
Best 5 Security Apps For Your Android Smartphone @ Stefan Mileschin WebNews 0 22nd April 2013 07:37
Apple releases iOS 6.1.3 to patch lock screen security hole Stefan Mileschin WebNews 0 20th March 2013 10:17
New Security Hole Found in Wi-Fi Routers: Disable UPnP to Protect Yourself Stefan Mileschin WebNews 0 31st January 2013 07:48
Android apps let down Google's security Stefan Mileschin WebNews 0 24th October 2012 08:19
Apple security software reveals Windows passwords Stefan Mileschin WebNews 0 15th October 2012 07:32
Microsoft advises nuking Windows Gadgets after security hole discovery Stefan Mileschin WebNews 0 12th July 2012 09:31
Mozilla Patches 'Critical' Firefox Security Hole Stefan Mileschin WebNews 0 13th February 2012 09:07
Huge Security Hole Found in Symantec Antivirus Software jmke WebNews 0 27th May 2006 14:42

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

All times are GMT +1. The time now is 18:53.

Powered by vBulletin® - Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO