Android DDMS Vulner...
 
Notifications
Clear all

Android DDMS Vulnerability

2 Posts
1 Users
0 Likes
347 Views
(@trewmte)
Posts: 1877
Noble Member
Topic starter
 

The article states "The flaw is located in an Android component known as the Dalvik Debug Monitor Service (or DDMS), the virtual machine that runs software on Android devices. The vulnerability affects almost all Android devices in use, could allow a malicious actor to modify a legitimate, signed Android application without affecting the application’s cryptographic signature. That would prevent Android from noticing the changes when the application is installed."

http//trewmte.blogspot.co.uk/2013/07/android-ddms-vulnerability.html

 
Posted : 19/07/2013 10:06 am
(@trewmte)
Posts: 1877
Noble Member
Topic starter
 

On the 19th July I posted http//trewmte.blogspot.co.uk/2013/07/android-ddms-vulnerability.html about knowing exploits on and understanding originality and genuineness of a handset and (U)SIM Card.

Karsten Nohl on the 22nd July released details of an exploit for older type (no specifics as yet) SIM Cards using DES security. The exploit revealed a returned 'error code that contained the device's cryptographic signature, a 56-bit private key. It was then possible to decrypt the key using common cracking techniques.' http//www.theinquirer.net/inquirer/news/2283935/sim-card-encryption-exploit-leaves-mobile-phone-users-vulnerable-to-hacking

Importantly, the article goes on to identify possible exploits that can be caused when in possession of a decrypted key.

More on this - New SIM Card Exploit http//trewmte.blogspot.co.uk/2013/07/new-sim-card-exploit.html

 
Posted : 23/07/2013 11:07 am
Share: