ALL Android Devices May Have Massive Security Hole

This isn’t good news. If you own an smartphone or tablet and it runs Google Android, there may be a security issue that makes it horrifically insecure. Here’s what Bluebox Security had to say:

The Bluebox Security research team – Bluebox Labs – recently discovered a vulnerability in Android’s security model that allows a hacker to modify APK code without breaking an application’s cryptographic signature, to turn any legitimate application into a malicious Trojan, completely unnoticed by the app store, the phone, or the end user. The implications are huge! This vulnerability, around at least since the release of Android 1.6 (codename: “Donut” ), could affect any Android phone released in the last 4 years – or nearly 900 million devices– and depending on the type of application, a hacker can exploit the vulnerability for anything from data theft to creation of a mobile botnet.

You’ll want to read their report as the implication are just frighting. The only good news is that according to CIO, Samsung has fixed the issue. But only if you own a Galaxy S4. But it’s unclear who else has fixed this and what the timelines are for anyone who makes an Android device to fix this. Oh, the CIO article also states that Google hasn’t officially commented. That doesn’t inspire the warm and fuzzies.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: