June 23, Roee Hay, security manager at IBM cracked a blog to share a discovery of its teams on safety Android. According to his research, it would be relatively easy for a malicious person to access most of the information contained in the Android KeyStore file. It is an essential part of a system that is used to store passwords, private networks, PINs or other sensitive information used to secure the aircraft.
In his blog, IBM's manager explains that once a malicious person gets through several stages of protection, it is possible to access many sensitive data. The flaw makes it possible to highlight the "credits locked device", but also the master keys, numerical or direct access to data stored in the device. Alerted by team Roee Hay, Google corrected this flaw on 4.4 and higher versions of Google. However the fault occurs with all versions 4.3 and lower. As highlighted in the website Ars Technica, the number of devices in the world still susceptible to this vulnerability thus amounts to 86.4% of smartphones and Android tablets used.
Aucun commentaire:
Enregistrer un commentaire