Welcome to WebmasterWorld Guest from 54.145.85.22

Forum Moderators: bakedjake

Message Too Old, No Replies

Android-Based Phones Have a "Master Key", According to Security Researchers

     
1:31 pm on Jul 4, 2013 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:23150
votes: 344


A "master key" that could give cyber-thieves unfettered access to almost any Android phone has been discovered by security research firm BlueBox.

The bug could be exploited to let an attacker do what they want to a phone including stealing data, eavesdropping or using it to send junk messages.

The loophole has been present in every version of the Android operating system released since 2009.

Google said it currently had no comment to make on BlueBox's discovery.Android-Based Phones Have a "Master Key", According to Security Researchers [bbc.co.uk]
6:01 pm on July 4, 2013 (gmt 0)

Preferred Member

5+ Year Member

joined:June 15, 2007
posts:414
votes: 13


the short article describes it as a bug, versus a planned snooping backdoor.

users would have to install a compromised app.
1:29 am on July 5, 2013 (gmt 0)

Administrator from JP 

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Oct 12, 2000
posts:14795
votes: 88


Yikes. They've known about this since February. I guess the fragmentation of the Android market will prevent them from acting quickly on this, but it's surprising that the Nexus devices haven't been patched. I read elsewhere that the only phone immune to this bug is the Samsung Galaxy S4, so apparently it is something that can be patched.
8:40 pm on July 5, 2013 (gmt 0)

Full Member

10+ Year Member

joined:June 4, 2005
posts: 243
votes: 31


a planned snooping backdoor


PRISM, anybody?
(surprise, surprise . . . .)

.