I guess Samsung users will see this patched sometime in January 2099.
Android flaw lets attack code slip into signed apps
Researchers say a recently patched vulnerability in Android could leave users vulnerable to attack from signed apps. The vulnerability, dubbed Janus, would allow a malicious application to add bytes of code to the APK or DEX formats used by Android applications without affecting the application's signature. In other words, a …
COMMENTS
-
-
-
-
Sunday 10th December 2017 16:07 GMT TheVogon
"Back here in the real world, we rely on facts and evidence...."
Like this you mean:
https://www.grahamcluley.com/ztorg-sms-android-malware/
or this
https://www.grahamcluley.com/calljam-malware-infects-androids-keeps-ringing-premium-rate-numbers/
or this
http://www.zdnet.com/article/android-malware-in-google-play-racked-up-4-2-million-downloads-so-are-you-a-victim/
-
Sunday 10th December 2017 23:02 GMT Anonymous Coward
Yep, click bait bloggers getting their ad impressions up.
How many real world incidents do you know of. Pretty much everyone I know has an android phone, and absolutely no problems at all. Your links are hypothetical fud stories, and if you can't see that, then you really are quite gullible.
-
Monday 11th December 2017 01:03 GMT TheVogon
I got hit by one of these in a wallpaper app that signed me up for premium rate services. They are real. My phone is not rooted and I only use the PlayStore. And I posted about it on the reg forums a couple of months ago when it happened in case you want to claim I'm making it up to support this post ....
-
Monday 11th December 2017 09:06 GMT RyokuMas
History repeating
"Pretty much everyone I know has an android phone, and absolutely no problems at all."
Pretty much everyone I knew back in the late 90s/early 2000s had a windows PC. Sure we had all heard of these viruses that could exploit vulnerabilities, but everyone we knew had had absolutely no problems at all.
Then one day, one poor unfortunate soul we knew of managed to infect his works' systems with the Sircam worm...
So go ahead - keep on drinking that Google kool-aid, with you hands over you ears, your eyes shut and screaming "la la la, everything's ok"... I guarantee you that sooner or later, everything will end up not being okay, and your blase attitude will come back to bite you on the arse - unless, of course, the one here actually spreading the FUD (or rather, sowing the seeds of ignorance) is yourself.
-
-
-
-
-
-
Saturday 9th December 2017 09:46 GMT Bob Vistakin
Woah - the clue is in the earlier fix
So someone reads a bugfix list which Google released, saw it corrects an older problem, then "announces" they, themselves, personally using all their expert security skills, have found a vulnerability which, err, only affects older versions?
Way to go, Sherlock.