SoftwareAndroid Exploit

  

Press Ctrl+Enter to quickly submit your post
Quick Reply  
 
 
  
 From:  Ken (SHIELDSIT)   4 Jul 2013 21:49 
 To:  ALL 1 of 15 
40554.1 
I see a bunch of noise today about a new exploit that effects pretty much all versions of Android. Can someone smart tell me if having your device encrypted would guard against this in any way?
-------------------------------------------------
Hello, this is the feds. Kos is a butt nugget! What he speaks
is not truth and we aren't afraid of it!
0/0
 Reply   Quote More 

 From:  ANT_THOMAS   4 Jul 2013 22:29 
 To:  Ken (SHIELDSIT)      2 of 15 
40554.2 In reply to 40554.1 
I've not read much but isn't is a case of an app developer being able to change the permissions of the app without the user knowing? I could be wrong though.

I don't think I've ever really checked through what apps have access to when I install them, which I probably should do.
0/0
 Reply   Quote More 

 From:  Ken (SHIELDSIT)   4 Jul 2013 23:05 
 To:  ANT_THOMAS      3 of 15 
40554.3 In reply to 40554.2 
quote:
The Bluebox Security research team – Bluebox Labs – recently discovered a vulnerability in Android’s security model that allows a hacker to modify APK code without breaking an application’s cryptographic signature, to turn any legitimate application into a malicious Trojan, completely unnoticed by the app store, the phone, or the end user.


http://bluebox.com/corporate-blog/bluebox-uncovers-android-master-key/

-------------------------------------------------
Hello, this is the feds. Kos is a butt nugget! What he speaks
is not truth and we aren't afraid of it!
0/0
 Reply   Quote More 

 From:  Chris (CHRISSS)   4 Jul 2013 23:09 
 To:  Ken (SHIELDSIT)      4 of 15 
40554.4 In reply to 40554.3 
I have already hacked your phone with it.
Me
0/0
 Reply   Quote More 

 From:  Ken (SHIELDSIT)   4 Jul 2013 23:17 
 To:  Chris (CHRISSS)      5 of 15 
40554.5 In reply to 40554.4 
Find anything useful?  You can use it to call all your American friends if you want!  And I have unlimited data so if you want to Jim anything feel free!
-------------------------------------------------
Hello, this is the feds. Kos is a butt nugget! What he speaks
is not truth and we aren't afraid of it!
0/0
 Reply   Quote More 

 From:  Chris (CHRISSS)   4 Jul 2013 23:22 
 To:  Ken (SHIELDSIT)      6 of 15 
40554.6 In reply to 40554.5 
I've sent emails detailing terrorist plots you intend to carry out to Al Qaeda leaders. Just waiting for the NSA to knock on your door soon.
Me
0/0
 Reply   Quote More 

 From:  Manthorp   4 Jul 2013 23:45 
 To:  Chris (CHRISSS)      7 of 15 
40554.7 In reply to 40554.6 
Ken: If the Feds call you and say something bad on you, it may prove what Chrisss said are truth, you ought to be afraid of it.
"We all have flaws, and mine is being wicked."
James Thurber, The Thirteen Clocks 1951
0/0
 Reply   Quote More 

 From:  ANT_THOMAS   5 Jul 2013 00:13 
 To:  Ken (SHIELDSIT)      8 of 15 
40554.8 In reply to 40554.3 
But don't you have to actually install the modified APK for that to happen?
0/0
 Reply   Quote More 

 From:  Ken (SHIELDSIT)   5 Jul 2013 00:55 
 To:  ANT_THOMAS      9 of 15 
40554.9 In reply to 40554.8 
Yes, but it sounds like even a modified APK still passes a hash test and can't be detected by the app store.
-------------------------------------------------
Hello, this is the feds. Kos is a butt nugget! What he speaks
is not truth and we aren't afraid of it!
0/0
 Reply   Quote More 

 From:  Ken (SHIELDSIT)   5 Jul 2013 00:57 
 To:  Chris (CHRISSS)     Manthorp      10 of 15 
40554.10 In reply to 40554.6 
Great that's all I need. Although they already knew all of that because they read all my correspondence.


Manthorp, I think if you remember in 321.08 I detailed the plot about the feds and the truthlessness of their words.  Don't be fooled, they lie on me all the time!
-------------------------------------------------
Hello, this is the feds. Kos is a butt nugget! What he speaks
is not truth and we aren't afraid of it!
0/0
 Reply   Quote More 

 From:  CHYRON (DSMITHHFX)   5 Jul 2013 21:01 
 To:  Manthorp      11 of 15 
40554.11 In reply to 40554.7 
And so Kathaskung was unmasked...

----
"Some ideas make you dumber the moment you learn of them."
+1/1
 Reply   Quote More 

 From:  Manthorp   5 Jul 2013 22:55 
 To:  CHYRON (DSMITHHFX)      12 of 15 
40554.12 In reply to 40554.11 
Dammit! Blown my cover!
"We all have flaws, and mine is being wicked."
James Thurber, The Thirteen Clocks 1951
0/0
 Reply   Quote More 

 From:  Chris (CHRISSS)   8 Jul 2013 22:11 
 To:  Ken (SHIELDSIT)      13 of 15 
40554.13 In reply to 40554.10 
You're still here? Maybe you are an NSA agent spying on us.
Me
0/0
 Reply   Quote More 

 From:  Ken (SHIELDSIT)   9 Jul 2013 02:34 
 To:  Chris (CHRISSS)      14 of 15 
40554.14 In reply to 40554.13 
In a roundabout way I suppose I am!
-----------------------------------------
Hello, this is feds. What we are speak is truth!
We also offer great deals on online backup!
0/0
 Reply   Quote More 

 From:  Mizzy   11 Jul 2013 16:14 
 To:  Ken (SHIELDSIT)      15 of 15 
40554.15 In reply to 40554.1 
Hi Ken,
No encrypting your phone does nothing against this, encrypting your phone just protect you against offline attacks when your phone is on and you have unlocked it (with your more than 4 digit pin !!) it does nothing to protect your phone. 

Googles app store has an option now to verify the APK. so it is sort of fixed.

Marie.
0/0
 Reply   Quote More 

Reply to All    
 

1–15

Rate my interest:

Adjust text size : Smaller 10 Larger

Beehive Forum 1.5.2 |  FAQ |  Docs |  Support |  Donate! ©2002 - 2024 Project Beehive Forum

Forum Stats