Vulnerability Allows Maliciously-Modified Android Apps To Appear Verified
A newly-revealed vulnerability in Android allows attackers to bypass the usual app authenticity and integrity checks. Normally, the checks allow Android to verify that an app has not been modified. This new issue allows those with ill intent to modify an app with malicious code, without breaking the security signature. This will cause Android to report that the app is genuine and unmodified, when in fact it is not. The issue does not affect apps downloaded and updated exclusively through Google's Play Store. Apps downloaded or updated through any other sources may be affected. Full protection can only be provided by a patch to Android itself, which is up to phone manufacturers (and carriers) to provide. Samsung has implemented a fix on its Galaxy S 4, but the fix has not been confirmed for any other phones, and Google has not yet patched the issue in the base Android code, nor on its Nexus devices. Google was first notified about the issue in February, and notified its major partners in March. It affects all versions of Android from 1.6 through 4.2.
This points to a need for HUGE changes in smartphone security
The fundamental problem is smartphone security isn't taken seriously enough. Not even close. Consider what people store on their phones: It's generally their most personal information - and often times, that of others as well. Photos, account numbers, addresses, SSNs, personal notes, email, chats, SMS... All this on a device that's always connected to the internet. Top off the insecurity with the fact that they carry it around with them, often without even a lockscreen, and it's a r...
How unfortunate for Verizon handset owners.
Amount of people...
Personally I dont download anything unless I have a trusted source whether its on mobile or on my PC.
I rooted ...