Linux Today: Linux News On Internet Time.

Black Hat: Android Master Key Vulnerability Makes Us Safer

Aug 02, 2013, 13:00 (0 Talkback[s])
(Other stories by Sean Michael Kerner)

Today at the Black Hat Security conference, Forristal delivered a talk that detailed precisely what the Android master key vulnerability is all about. As Forristal explained, Google's Android had multiple vulnerabilities in how the operating system verifies JAR/ZIP/APK files, which run on Android devices.

Calling it a master key flaw is a bit of a misnomer as it's not a single key, Forristal said. Rather it's a family of bugs that allow an attack to bypass signature verification. There are at least four currently known variants of the master key flaw.

Complete Story