Author Topic: Android crypto blunder exposes users to highly privileged malware  (Read 866 times)

0 Members and 1 Guest are viewing this topic.

JimB

  • Servant
  • Moderator
  • Posts: 7163
  • Pro 12:28 in the pathway thereof there is no death
The majority of devices running Google's Android operating system are susceptible to hacks that allow malicious apps to bypass a key security sandbox so they can steal user credentials, read e-mail, and access payment histories and other sensitive data, researchers have warned.

The high-impact vulnerability has existed in Android since the release of version 2.1 in early 2010, researchers from Bluebox Security said. They dubbed the bug Fake ID, because, like a fraudulent driver's license an underage person might use to sneak into a bar, it grants malicious apps special access to Android resources that are typically off-limits. Google developers have introduced changes that limit some of the damage that malicious apps can do in Android 4.4, but the underlying bug remains unpatched, even in the Android L preview. Source
By communion with God in nature, the mind is uplifted, and the heart finds rest.  {DA 291.1}