Posted by: David Harley | August 9, 2013

Google and Security…

…and that’s the last time you’ll see both those words in the same sentence in this article, as the Android so-called masterkey vulnerability reverberates. (HT to Istvan Csizmazia.)

Paul Ducklin reports for Sophos that further samples have been found that make use of it: Android “Master Key” vulnerability – more malware exploits code verification bypass. As Ducklin observes:

A bad bug – and although it’s fixed in the Android open source codebase, Google simply isn’t saying anything about how long it’s prepared to wait for its handset partners to get the fix out to Android users around the world.

No comment yet from Chris DiBona it seems… And I’m not even going to mention the Chrome password fiasco, since it appears that it’s not a problem at all. Oh, all right, I’ve already mentioned it. (Quoted in an article by Rob Waugh.)

David Harley
Small Blue-Green World

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.


%d bloggers like this: