Forum switched to read-only as of 2020/06/01

Latest product reviews
ARCHOS 50 Diamond
TV Connect


Please consider registering


— Forum Scope —

— Match —

— Forum Options —

Minimum search word length is 3 characters - maximum search word length is 84 characters

Register Lost password?

ClockworkMod (CWM) Recovery easy install for RK3066 and RK3188 -- TWRP/CWM Flash-Tool and root for RK3288

 Please donate to support OMA and CrewRKTablets firmware work, thank you !

sp_Feed sp_TopicIcon
Is your Archos / Arnova or Android device protected against the Master Key vulnerability ?
sp_BlogLinkWhite Read the original blog post

Forum Posts: 5878
Member Since:
sp_UserOfflineSmall Offline

Thanks Received: 3177
2013/08/07 - 23:59
sp_Permalink sp_Print

A few months ago, Jeff Forristal from discovered a security issue in Android system and disclosed it to Google in February 2013 (filed as Android security bug 8219321) another similar problem has also been highlighted a few weeks ago (bug 9695860)
These security issues allow exploiting signed Android applications (APK) by modifying the program they contain while maintaining the existing application signature intact. Such modified applications will appear signed by the original author so the exploit can be used by someone with bad intentions who could modify an application in a malicious way including a potentially dangerous payload.

Bluebox_security_scanner_xperia_z_vs_archos_50_platinum_DSC_0017bImage Enlarger
On the left, partly vulnerable device (ARCHOS 50 Platinum) and patched device (Sony Xperia Z) on the right.

These vulnerabilities have been patched by Google in their Android Open Source Project (AOSP) code, but not all OEM manufacturers have yet deployed these fixes so far. Smaller manufacturers (which is the case for most Chinese tablets, including Archos / Arnova) haven't yet fixed all their products. Some modified versions of Android code such as CyanogenMod (CM 10.1) have already the fixes in place. According to, Google Play Store should be protected to received applications modified to exploit this security problem. Still, it's quite easy for to malware type applications hosted on less protected Market places or downloaded from upload sites could easily infect unprotected devices.

We recommend that you make sure your device is patched against the Master Key vulnerability. If that's not the case, stay safe and download apps only from official market places or trusted sources.

Check your device using Bluebox Security Scanner

You can download and install the free Bluebox Security Scanner application on Google Play Store. and to verify if your device is vulnerable to these security bugs

This application will check if your device has been safely patched against Google "Master Key" security bugs…

If you like our web site, applications and firmwares, feel free to support our site. Donations are used to pay the bills for our server hosting costs, development tools and purchase new tablets to support.



Firmware Guru
Forum Posts: 6315
Member Since:
sp_UserOfflineSmall Offline

Thanks Received: 1386
2013/08/11 - 12:35
sp_Permalink sp_Print

If you like you can patch your rom by yourself using Xposed Framework and Master Key Dual Fix.

072.pngImage Enlarger











074.pngImage Enlarger











077.pngImage Enlarger












Here are some useful links:


- Oma -

New Member
Forum Posts: 5
Member Since:
sp_UserOfflineSmall Offline
2014/05/27 - 20:03
sp_Permalink sp_Print

Oma7144 said
If you like you can patch your rom by yourself using Xposed Framework and Master Key Dual Fix.

072.pngImage Enlarger











074.pngImage Enlarger











077.pngImage Enlarger












Here are some useful links: 10 Inch Tablet


- Oma -

I think some altered forms of Android code, for example, Cyanogenmod (CM 10.1) have as of now the fixes set up. As indicated by, Google Play Store ought to be secured to accepted requisitions adjusted to adventure this security issue. Still, its simple for to malware sort requisitions facilitated on less ensured Market puts or downloaded from transfer locales could undoubtedly taint unprotected gadgets.

Forum Timezone: Europe/Paris

Most Users Ever Online: 803

Currently Online:
41 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Devices in use: Desktop (37), Phone (4)

Top Posters:

finless: 604

DarthJabba: 551

maikal: 394

mussonero1: 350

alex: 252

damo: 243

DanielVd: 237

Mark06: 222

Newest Members:







Forum Stats:

Groups: 10

Forums: 185

Topics: 6037

Posts: 60500


Member Stats:

Guest Posters: 43

Members: 262194

Moderators: 5

Admins: 1

Administrators: admin

Moderators: globula_neagra, exelletor, JochenKauz, Oma7144, cracktech

CrewRKTablets moderators: JochenKauz and Astralix