Based on OSINT about the individuals listed on https://dexter.bluebox.com/team and http://www.dexlabs.org/team , I think iwe should consider the possibility that the attack involves techniques described in Phrack 68 (2012): http://phrack.org/issues.html?issue=68&id=15#article (see section 3.3 "Looking for a signature in applications". The AndroGuard tooling is still actively maintained at http://code.google.com/p/androguard/ ;.
Matthijs Op zaterdag 6 juli 2013 16:51:57 UTC+2 schreef Jeffrey Walton het volgende: > > Hi All, > > Has anyone gotten any details of Android bug 8219321 (master keys) > being discussed in the media? AOSP bugs reporter is not showing any > information (http://code.google.com/p/android/issues/list). > > I'm wondering if the platform builders are using the default keys. > Marko Gargenta discusses the four default keys briefly in > http://www.youtube.com/watch?v=NS46492qyJ8. (Excellent video, btw). > > Are there any controls we can place to mitigate the possible threats > (assuming they are threats)? > > Jeff > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-security-discuss+unsubscr...@googlegroups.com. To post to this group, send email to android-security-discuss@googlegroups.com. Visit this group at http://groups.google.com/group/android-security-discuss. For more options, visit https://groups.google.com/groups/opt_out.
