The article states "The flaw is located in an Android component known as the Dalvik Debug Monitor Service (or DDMS), the virtual machine that runs software on Android devices. The vulnerability affects almost all Android devices in use, could allow a malicious actor to modify a legitimate, signed Android application without affecting the application’s cryptographic signature. That would prevent Android from noticing the changes when the application is installed."
http//
On the 19th July I posted http//
Karsten Nohl on the 22nd July released details of an exploit for older type (no specifics as yet) SIM Cards using DES security. The exploit revealed a returned 'error code that contained the device's cryptographic signature, a 56-bit private key. It was then possible to decrypt the key using common cracking techniques.' http//
Importantly, the article goes on to identify possible exploits that can be caused when in possession of a decrypted key.
More on this - New SIM Card Exploit http//