What's going on with the latest Android security scare?
Today security research firm BlueBox — the same company that uncovered the so-called Android "Master Key" vulnerability — has announced the discovery of a bug in the way Android handles the identity certificates used to sign applications. The vulnerability, which BlueBox has dubbed "Fake ID," allows malicious apps to associate themselves with certificates from legitimate apps, thus gaining access to stuff they shouldn't have access to.
Security vulnerabilities like this sound scary, and we've already seen one or two hyperbolic headlines today as this story has broken. Nevertheless, any bug that lets apps do things they're not supposed to is a serious problem. So let's sum up what's going on in a nutshell, what it means for Android security, and whether it's worth worrying about ...
Android Match
ae
Put the internet to work for you.
Tidak ada komentar:
Posting Komentar