Thursday, July 4, 2013

A bug affecting 99% of Android devices could leave the way ... - ZDNet

Security: Most users will not be affected, if the bug is present, users are taking to Play Store remain relatively safe

.

The announcement came from Bluebox, a security company unknown few days ago, but venturing into the choppy waters of the security on the Android operating system. According to the publisher, 99% of Android devices are affected by a bug to bypass the security model of the system.

A Because of this flaw, a potential attacker could modify the code APK, size containers for Android applications, without having to break the cryptographic signature of the application. Possible outlets: malware, Trojans, data recovery, etc.. Without the user, the phone or the app store noticing.

affected 99%

appliances

addition it is a godsend for communication services vendors of security solutions for Android, this flaw “has huge implications,” said Bluebox. “Vulnerability, almost since the release of Android 1.6 (codenamed Donut) can affect any phone released in the last four years – nearly 900 million units – and the type of application, an attacker could exploit the vulnerability to do anything, the flight data to create a mobile botnet. “

discovery Bluebox was sent to Google in February, and now the publisher has asked manufacturers to update their systems to correct the flaw. Those who would possess a slightly older model may be long, but it’s a safe bet that for recent models, the fault has been corrected in the past four months.

However, as noted by GigaOm, we should not delude ourselves about the speech Bluebox, which necessarily puts a little before its discovery and expertise. For the online magazine, nothing will change for most users.

An argument for the Play Store

Although he admits that it is not “a stunt”, the new GigaOm tempers. As usual, will be especially concerned users who download applications outside of Google Play Store. The news does not shine by its incitement to freedom of choice, especially since Google has strengthened its limitations for applications on the app store: impossible for publishers to allow up-to-date outside the system Play Store.

This novelty was introduced in April … Two months after the fault Bluebox pointed to Google, if you believe the dates of the publisher. For those who, for various reasons (lack of residence in the country such as China, desire for independence vis-à-vis Google services, etc.), prefer to use an app store alternative, the risks can be mitigated somewhat by systematically checking the identity of the publisher and putting the device up to date.

No comments:

Post a Comment