[ale] Android security bug

Jim Kinney jim.kinney at gmail.com
Sat Jul 6 11:33:48 EDT 2013


Google implemented a Play scan for this bug. Apps from Google Play ONLY
have been checked. Other repos are vulnerable.
Now to see if phone vendors push an update. Not holding my breath.
On Jul 6, 2013 10:40 AM, "Charles Shapiro" <hooterpincher at gmail.com> wrote:

> Be careful out there. (
> http://bluebox.com/corporate-blog/bluebox-uncovers-android-master-key/).  This basically means that it's possible to grab an application from
> Google Play and undetectably modify it to do Evil.  It's more-or-less the
> equivalent of a privilege escalation exploit in Unix.  Nothing in the wild
> yet.
>
> -- CHS
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20130706/67f442ef/attachment.html>


More information about the Ale mailing list