Snapshot screen smartphone, the researchers modified Bluebox. As you can see, there is no mention Android. Photo: bluebox.com
In early July, the technical director of the research laboratory Bluebox Labs Jeff Forristal left a message in a corporate blog that they had found a tremendous hole in the security system, affecting 99% Android-devices, providing the most full access to your favorite (or not so favorite, but what does and unloved, old and decrepit) smartphone.
Google has been notified about this back in February. So what? Nothing, nothing has changed.
So on July 27 at the annual computer security conference Black Hat in Las Vegas, Jeff in his speech will present all the details. Follow their twitter BlueboxSec. It seems that the scandal is coming.
So what is it actually? This exploit allows you to modify the application code without damaging the cryptographic signature to the application of the victim. This Trojan can get to you in the mail from a third party Market or from any website where you upload a very, very well right program.
«The application can then not only read the data on the device, such as email, SMS or documents, but also to gain access to the passwords of different accounts that are recorded on your smartphone or tablet. An application can also access the normal phone functions, such as short messages, telephone calls, on and off camera. Finally, the most unpleasant – hackers can create a number of always-on device, part of the botnet, “- says Jeff.
not be an exception and programs worldwide vendors, such as HTC, Samsung, Motorola, LG (not to mention about super phones at great prices from China), or third parties, working in cooperation with the manufacturer of devices such as Cisco AnyConnect VPN, and which have been granted special privileges to the Android.
And what is this mysterious 1%? Turns out, the guys from Samsung are on the alert – for the Galaxy S4 patch has already been released. For a family of Nexus is still being prepared.
recommendations are simple. Check whether all the security updates you have installed and do not go to where to seek.
Permanent address: http://www.epochtimes.ru/content/view/76494/ 5 /