Saturday, July 5, 2014

Android Kolme

Its been a while since I post anything security related. Mostly because since I work in security I tend to publish hobbie related stuff.
So here's an interesting joint research I was involved with Marco Lux from Curesec.
We investigated the source code of the Android Operating System and its default apps.
It was real interesting, to say the least.
Today we released some details of our findings about CVE-2013-6272 and another one unassigned yet. Basically, did you know an app doesn't really need permissions to make a phone call from your device? ;)

Without going much into details, which you can find here and here, lets just say something is broken in Android. Of course, I guess we all know it deep inside...
Don't get me wrong, I love Android, own a few and I think it's a great OS from the user perspective. The point is that someone, sometime will have to take security more serious in such a widespread mobile OS. Or not...

What do you think about it?

1 comment:

  1. He is no scam, I tested him and he delivered a good job, he helped me settle bank loans, helped my son to increase his grades at high school final year and he also gave him automatic scholarship into college, all i had to do was to settle the bills for tools on the job and gave him the necessary information and he did the rest, I  was hopeless before not knowing what to do but thanks to I am now a happy man free from troubles, sharing this is how I can show gratitude for all he has done for me and my family.