Latest product reviews
ARCHOS 50 Diamond
ARCHOS GamePad2
ARCHOS
Smartphones
ARCHOS
TV Connect
ARCHOS 101 XS

A A A
Avatar

Please consider registering
Guest

Search

— Forum Scope —






— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

Register Lost password?

ClockworkMod (CWM) Recovery easy install for RK3066 and RK3188 -- TWRP/CWM Flash-Tool and root for RK3288

 Please donate to support OMA and CrewRKTablets firmware work, thank you !

sp_Feed sp_TopicIcon
Is your Archos / Arnova or Android device protected against the Master Key vulnerability ?
sp_BlogLinkWhite Read the original blog post
Avatar
admin

admin
Forum Posts: 5872
Member Since:
2010/09/11
sp_UserOfflineSmall Offline

Thanks Received: 3163
1
2013/08/07 - 23:59
sp_Permalink sp_Print

A few months ago, Jeff Forristal from bluebox.com discovered a security issue in Android system and disclosed it to Google in February 2013 (filed as Android security bug 8219321) another similar problem has also been highlighted a few weeks ago (bug 9695860)
These security issues allow exploiting signed Android applications (APK) by modifying the program they contain while maintaining the existing application signature intact. Such modified applications will appear signed by the original author so the exploit can be used by someone with bad intentions who could modify an application in a malicious way including a potentially dangerous payload.

Bluebox_security_scanner_xperia_z_vs_archos_50_platinum_DSC_0017bImage Enlarger
On the left, partly vulnerable device (ARCHOS 50 Platinum) and patched device (Sony Xperia Z) on the right.

These vulnerabilities have been patched by Google in their Android Open Source Project (AOSP) code, but not all OEM manufacturers have yet deployed these fixes so far. Smaller manufacturers (which is the case for most Chinese tablets, including Archos / Arnova) haven't yet fixed all their products. Some modified versions of Android code such as CyanogenMod (CM 10.1) have already the fixes in place. According to bluebox.com, Google Play Store should be protected to received applications modified to exploit this security problem. Still, it's quite easy for to malware type applications hosted on less protected Market places or downloaded from upload sites could easily infect unprotected devices.

We recommend that you make sure your device is patched against the Master Key vulnerability. If that's not the case, stay safe and download apps only from official market places or trusted sources.

Check your device using Bluebox Security Scanner

You can download and install the free Bluebox Security Scanner application on Google Play Store. Amazon.com and getjar.com to verify if your device is vulnerable to these security bugs

This application will check if your device has been safely patched against Google "Master Key" security bugs…

If you like our web site, applications and firmwares, feel free to support our site. Donations are used to pay the bills for our server hosting costs, development tools and purchase new tablets to support.

Avatar
Oma7144

Moderator

Firmware Guru
Forum Posts: 5783
Member Since:
2012/10/06
sp_UserOfflineSmall Offline

Thanks Received: 1281
2
2013/08/11 - 12:35
sp_Permalink sp_Print

If you like you can patch your rom by yourself using Xposed Framework and Master Key Dual Fix.

072.pngImage Enlarger

 

 

 

 

 

 

 

 

 

 

074.pngImage Enlarger

 

 

 

 

 

 

 

 

 

 

077.pngImage Enlarger

 

 

 

 

 

 

 

 

 

 

 

Here are some useful links: http://crewrktablets.arctablet.com/?p=1772

 

- Oma -

sp_PlupAttachments Attachments
Avatar
Ravikaleova
New Member
Forum Posts: 5
Member Since:
2014/05/27
sp_UserOfflineSmall Offline
3
2014/05/27 - 20:03
sp_Permalink sp_Print

Oma7144 said
If you like you can patch your rom by yourself using Xposed Framework and Master Key Dual Fix.

072.pngImage Enlarger

 

 

 

 

 

 

 

 

 

 

074.pngImage Enlarger

 

 

 

 

 

 

 

 

 

 

077.pngImage Enlarger

 

 

 

 

 

 

 

 

 

 

 

Here are some useful links: http://crewrktablets.arctablet.com/?p=1772Best 10 Inch Tablet

 

- Oma -

I think some altered forms of Android code, for example, Cyanogenmod (CM 10.1) have as of now the fixes set up. As indicated by bluebox.com, Google Play Store ought to be secured to accepted requisitions adjusted to adventure this security issue. Still, its simple for to malware sort requisitions facilitated on less ensured Market puts or downloaded from transfer locales could undoubtedly taint unprotected gadgets.

Forum Timezone: Europe/Paris

Most Users Ever Online: 749

Currently Online: Moebius
182 Guest(s)

Currently Browsing this Page:
1 Guest(s)


Devices in use: Desktop (148), Phone (29), Tablet (6)

Top Posters:

Oma7144: 5783

globula_neagra: 2424

finless: 604

DarthJabba: 551

exelletor: 450

JochenKauz: 450

cracktech: 432

maikal: 394

Newest Members:

Moebius

MasterNinja123

alexmza

egytatto

lovasl80

bobby1701

Forum Stats:

Groups: 10

Forums: 185

Topics: 5916

Posts: 58849

 

Member Stats:

Guest Posters: 43

Members: 256493

Moderators: 5

Admins: 1

Administrators: admin

Moderators: globula_neagra, exelletor, JochenKauz, Oma7144, cracktech


CrewRKTablets moderators: JochenKauz and Astralix