Security Firm Finds Gaping Hole in Android’s Security Fabric

8

Comments

+ Add a Comment
avatar

DeltaFIVEengineer

Shocking.

avatar

maseone

android by design is a trojan horse, get over it or throw it in the river. and just to be clear, previous posters here are full of shit.

my two coppers...
m1

avatar

r3dd4wg

Looks like someone found the key that says, "NSA".

avatar

Renegade Knight

A master key sounds a lot like a back door.

avatar

AETAaAS

Sensationalist writing... this exploit primarily affects apps installed outside of Google Play (as they have apparently already fixed this). Samsung has fixed this on some versions of the S4 and I imagine future phones and some older phones may receive the patch. People who sideload or download apps from shady websites are the ones who are at risk.

Basically if you left the "Allow apps from Unknown Sources" toggle in its default position, you are fine.

avatar

Mr_Histamine

Actually - if you'd read the article - the vulnerability exists with apps approved for the app store as well. So, yeah, it's kind of newsworthy.

I also wonder if it's taking them awhile to fix, due to their having to rework their security implementation (?); Google is usually pretty good at plugging security holes quickly.

avatar

AETAaAS

Yes, while it technically exists for Play approved apps, it will only affect users if they 'update' or otherwise install from outside Google Play, as they have patched this to disallowed apps tampered in this fashion though Play.

avatar

PCLinuxguy

+1. the only people getting malware are the ones downloading from all over the place recklessly rather than using known trusted sources.