On Thu, Jun 12, 2014 at 9:30 PM, Neil Burlock <burlock.n...@gmail.com> wrote: > I just received a cryptic email from Google stating that "one or more" or my > apps is using outdated SSL code. > > Is there some reliable way for me to find out what they are referring to? I > haven't implemented SSL into my apps, so it has to be some 3rd party tool > that's doing it. > > The email threatens that if I guess it wrong, my apps could be suspended. > Three or more policy violations usually equals account termination. I could > update all APIs used and I could still miss whatever is doing it because it > might be some feature built into the tool I used to write the apps. > > Google knows which apps are affected, and I need to find out what they know. > > I've been unable to find a way to contact anyone at Google for help. I've > tried searching, but I keep ending up at the "help center". > > Is there some sort of email address for security issues? Can you post the message headers from the original email? I'm wondering if its a hoax.
This is causing a number of concerns from folks around the web. But the Google Security Blog does not mention it (http://googleonlinesecurity.blogspot.com/). A hoax would make sense: its someone's prank; the emails lacks useful details or information because its a prank; and Google has not taken the time to explain it on their blogs because they did not send it. -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-security-discuss+unsubscr...@googlegroups.com. To post to this group, send email to android-security-discuss@googlegroups.com. Visit this group at http://groups.google.com/group/android-security-discuss. For more options, visit https://groups.google.com/d/optout.
