Black Hat: Android Master Key Vulnerability Makes Us SaferAug 02, 2013, 13:00 (0 Talkback[s])
(Other stories by Sean Michael Kerner)
WEBINAR: On-demand Event
Replace Oracle with the NoSQL Engagement Database: Why and how leading companies are making the switch REGISTER >
Today at the Black Hat Security conference, Forristal delivered a talk that detailed precisely what the Android master key vulnerability is all about. As Forristal explained, Google's Android had multiple vulnerabilities in how the operating system verifies JAR/ZIP/APK files, which run on Android devices.
Calling it a master key flaw is a bit of a misnomer as it's not a single key, Forristal said. Rather it's a family of bugs that allow an attack to bypass signature verification. There are at least four currently known variants of the master key flaw.
0 Talkback[s] (click to add your comment)