[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] Android security bug

Subject: [ale] Android security bug
From: jim.kinney at gmail.com (Jim Kinney)
Date: Sat, 6 Jul 2013 11:33:48 -0400
In-reply-to: <CADT30qU-P_E2=qS_f2yEdpVH3LWdA63DXHUtVf2KCeaNVn+jnA@mail.gmail.com>
References: <CADT30qU-P_E2=qS_f2yEdpVH3LWdA63DXHUtVf2KCeaNVn+jnA@mail.gmail.com>

Google implemented a Play scan for this bug. Apps from Google Play ONLY
have been checked. Other repos are vulnerable.
Now to see if phone vendors push an update. Not holding my breath.
On Jul 6, 2013 10:40 AM, "Charles Shapiro" <hooterpincher at gmail.com> wrote:

> Be careful out there. (
> http://bluebox.com/corporate-blog/bluebox-uncovers-android-master-key/).  This basically means that it's possible to grab an application from
> Google Play and undetectably modify it to do Evil.  It's more-or-less the
> equivalent of a privilege escalation exploit in Unix.  Nothing in the wild
> yet.
>
> -- CHS
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20130706/67f442ef/attachment.html>

Follow-Ups:
- [ale] Android security bug
  - From: oloryn at benshome.net (Ben Coleman)

References:
- [ale] Android security bug
  - From: hooterpincher at gmail.com (Charles Shapiro)

Prev by Date: [ale] Want to get involved with a Linux scripting project?
Next by Date: [ale] Want to get involved with a Linux scripting project?
Previous by thread: [ale] Android security bug
Next by thread: [ale] Android security bug
Index(es):
- Date
- Thread