'master Key' To android Phones uncovered - Phones - Nairaland
Nairaland Forum / Science/Technology / Phones / 'master Key' To android Phones uncovered (743 Views)
Top 10 Current And Best MTK Android Phones / 11 Features To Look Out For When Buying Android Phones / New To Android Bundles (2) (3) (4)
(1) (Reply)
| 'master Key' To android Phones uncovered by Nobody: 6:07pm On Jul 09, 2013 |
A "master key" that could give cyber-thieves unfettered access to almost any Android phone has been discovered by security research firm BlueBox. The bug could be exploited to let an attacker do what they want to a phone including stealing data, eavesdropping or using it to send junk messages. The loophole has been present in every version of the Android operating system released since 2009. Google said it currently had no comment to make on BlueBox's discovery. Writing on the BlueBox blog , Jeff Forristal, said the implications of the discovery were "huge". The bug emerges because of the way Android handles cryptographic verification of the programs installed on the phone. Android uses the cryptographic signature as a way to check that an app or program is legitimate and to ensure it has not been tampered with. Mr Forristal and his colleagues have found a method of tricking the way Android checks these signatures so malicious changes to apps go unnoticed. Any app or program written to exploit the bug would enjoy the same access to a phone that the legitimate version of that application enjoyed. "It can essentially take over the normal functioning of the phone and control any function thereof," wrote Mr Forristal. BlueBox reported finding the bug to Google in February. Mr Forristal is planning to reveal more information about the problem at the Black Hat hacker conference being held in August this year. Marc Rogers, principal security researcher at mobile security firm Lookout said it had replicated the attack and its ability to compromise Android apps. Mr Rogers added that Google had been informed about the bug by Mr Forristal and had added checking systems to its Play store to spot and stop apps that had been tampered with in this way. The danger from the loophole remains theoretical because, as yet, there is no evidence that it is being exploited by cyber-thieves. www.bbc.co.uk/news/technology-23179522 |
| Re: 'master Key' To android Phones uncovered by Tingles(m): 9:00pm On Jul 09, 2013 |
I knew it, I have never felt safe with Google and its interconnected products. I knew Google would have tested the efficiency of its crawler/bot on our Gmail accounts and they would have made a backup of the entire content of my Android phone on their server. I also know that there is absolutely nothing I can do about it. |
| Re: 'master Key' To android Phones uncovered by Nobody: 11:09am On Jul 10, 2013 |
Yesterday something happened, I saw a bank alert in my phone and it was 5000 deducted from my account, I cant read the information of the Transaction, so I became scared because I recently registered my Visa account with Google wallet, But thank God when I got to the bank it was a wrong transaction of last year that was traced and corrected... So I didn't wast time in moving the available money to my other account..... I KNOW SOMETHING LIKE THESE WOULD HAVE BEEN UNLEASHED AND WAITING TO BE DISCOVERED. |
(1) (Reply)
+++ / Mediatek New MT6795 64bit Soc / Help Me Make A Choice Between These Phones
(Go Up)
| Sections: politics (1) business autos (1) jobs (1) career education (1) romance computers phones travel sports fashion health religion celebs tv-movies music-radio literature webmasters programming techmarket Links: (1) (2) (3) (4) (5) (6) (7) (8) (9) (10) Nairaland - Copyright © 2005 - 2024 Oluwaseun Osewa. All rights reserved. See How To Advertise. 14 |