Android users get a tool to detect signing hole vulnerability
Posted by: TimW on 07/10/2013 03:35 PM
Bluebox, the company that disclosed the existence of a flaw in Android which allowed APK files to be covertly modified, has now released the "Bluebox Security Scanner" on Google Play and the Amazon Android Store as a free app. The app checks the device for the vulnerability, checks whether the device allows installations from other sources, and scans apps for the presence of any code that appears to exploit the vulnerability.
Although the app is packaged as the "Bluebox Security Scanner", internally it refers to itself as the "MasterKey Security Scanner" even though there is no master key involved in the process. The recently released exploit for the bug merely unpacks an APK archive, allows files to be modified and then repacks the archive, storing both the original and modified version of any changed file. It is the duplication that tricks Android into believing the APK file has not been tampered with.
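The duplication described above leaves a visible trace, because a well-formed APK does not list the same entry name twice. The following added example (not Bluebox's scanner code; the function names and the sample archives are constructed for illustration) reports every entry name that appears more than once in an archive:

```python
import io
import warnings
import zipfile
from collections import defaultdict


def find_duplicate_entries(apk_bytes):
    """Return {name: [(crc, size), ...]} for each entry name that occurs
    more than once in the archive's central directory."""
    seen = defaultdict(list)
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        # infolist() preserves every central-directory record, including
        # repeated names; namelist()-to-set or getinfo() would hide them.
        for info in zf.infolist():
            seen[info.filename].append((info.CRC, info.file_size))
    return {name: recs for name, recs in seen.items() if len(recs) > 1}


def build_sample(entries):
    """Constructed test input: build a small ZIP from (name, data) pairs."""
    buf = io.BytesIO()
    with warnings.catch_warnings():
        # zipfile emits a UserWarning when a name is written twice.
        warnings.simplefilter("ignore", UserWarning)
        with zipfile.ZipFile(buf, "w") as zf:
            for name, data in entries:
                zf.writestr(name, data)
    return buf.getvalue()


if __name__ == "__main__":
    # Constructed samples with placeholder contents, not real APKs.
    clean = build_sample([("a.txt", b"x"), ("b.txt", b"y")])
    suspect = build_sample([
        ("assets/config.txt", b"one"),
        ("assets/config.txt", b"two!"),
        ("other.txt", b"z"),
    ])
    for label, blob in (("clean", clean), ("suspect", suspect)):
        dups = find_duplicate_entries(blob)
        if dups:
            for name, recs in dups.items():
                print(f"{label}: {name!r} appears {len(recs)} times: {recs}")
        else:
            print(f"{label}: no duplicate entry names")
```

Differing CRC or size values between two records with the same name show that the copies do not hold the same content.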
This is not a standalone utility. It is meant to be used with other security software, as it checks only for this one vulnerability. In testing, the software correctly identified that the Samsung Galaxy S4 was not vulnerable, being one of the few phones that have had the simple fix applied.