Share to EffectHub.com

You can earn money or coins from your share:)

Tips: you can use Sparticle for uploading away3D effects.

Tips: you can download Sparticle for uploading effects.

Tips: The ActionScript editor is supporting Away3D, Starling, Dragonbones and Flex frameworks.

Tips: paste the web page URL then click button:)

EffectHub.com: Your Best Source for Gaming
Login    or

Why Heartbleed could be much worse for Android users

Even though Google does not have a Heartbleed problem, particularly since the company has known about the OpenSSL bug a month before everyone else, a large number of Android users may still be at risk, The Guardian reports. And that’s not because Google has not patched the security flaw, but rather because Heartbleed indirectly benefits from several factors.

For starters, Heartbleed only affects one version of Android and that’s the “old” Android 4.1.1. However, that also happens to be a very popular Android version running on Android phones, with as many as 50 million users running it on their current devices. The number comes from analytics firm Chitika, although Google is only saying that “less than 10%” of Android devices activated worldwide are actually at risk. According to Google’s recent Android distribution numbers, Jelly Bean runs on 34.4% of Android devices that communicate with the Google Play Store, but that number includes Jelly Bean versions from Android 4.1 to Android 4.3.

Affected devices are apparently “vulnerable to a hack described as ‘reverse Heartbleed’ — where a malicious server would be able to exploit the flaw in OpenSSL to grab data from the phone’s browser, which could include information about part sessions and logins,” according to The Guardian.

Even though Google has patched the OpenSSL issue and pushed a fix to OEMs and carriers, these two parties aren’t known for delivering fast Android updates of any kind. Therefore users will get the fix much later.

Security firm Lookout has developed an Android app that lets people check whether their Android device is vulnerable. The company tells The Guardian that more than 80% of people running Android 4.1.1 who have shared data with Lookout so far have been exposed to attacks.

The good news for Android 4.1.1 device owners is that it doesn’t look like hackers are trying to take advantage of the security issue at the moment. Furthermore, Lookout’s principal security researcher Marc Rogers told Bloomberg that a Heartbleed-based attack against Android would be a complex task.

“Given that the server attack affects such a larger number of devices and is so much easier to carry out, we don’t expect to see any attacks against devices until after the server attacks have been completely exhausted,” he said.

http://bgr.com/2014/04/16/heartbleed-android-4-1-1-jelly-bean/

...

You must Sign up as a member of Effecthub to view the content.

2097 views    0 comments

You must Sign up as a member of Effecthub to join the conversation.

Join Effecthub.com


Or Login with Your Email Address:

Or Sign Up with Your Email Address:
This field must contain a valid email
Password should be at least 1 character

A PHP Error was encountered

Severity: Notice

Message: Undefined index: HTTP_ACCEPT_LANGUAGE

Filename: views/footer.php

Line Number: 6

A PHP Error was encountered

Severity: Notice

Message: Undefined index: HTTP_ACCEPT_LANGUAGE

Filename: controllers/topic.php

Line Number: 21

A PHP Error was encountered

Severity: Notice

Message: Undefined index: HTTP_ACCEPT_LANGUAGE

Filename: controllers/topic.php

Line Number: 85