On Mon, Aug 12, 2013 at 2:24 PM, Jeffrey Walton <noloa...@gmail.com> wrote: > Interesting reading here.... > > Does anyone know precisely what the flaw is/was (why was the PRNG > returning the same values)? Did the developers of the wallet provide > the same seed each time? Or did the PRNG fail? > > http://nakedsecurity.sophos.com/2013/08/12/android-random-number-flaw-implicated-in-bitcoin-thefts/ It looks like Symantec performed an analysis, and over 360,000 applications were using SecureRandom. Of those, 320,000 could be affected.
http://www.symantec.com/connect/blogs/android-cryptographic-issue-may-affect-hundreds-thousands-apps Jeff -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-security-discuss+unsubscr...@googlegroups.com. To post to this group, send email to android-security-discuss@googlegroups.com. Visit this group at http://groups.google.com/group/android-security-discuss. For more options, visit https://groups.google.com/groups/opt_out.
