Dara Kerr wrote:Read here.
http://asset2.cbsistatic.com/cnwk.1d/i/tim2/2013/08/14/android-logo-generic-hai_610x372.jpg
Google has confirmed a flaw in Android's operating system, which could make Bitcoin digital wallets vulnerable to theft.
Android security engineer Alex Klyubin penned a blog post on Wednesday outlining the root cause of the vulnerability.
"We have now determined that applications which use the Java Cryptography Architecture (JCA) for key generation, signing, or random number generation may not receive cryptographically strong values on Android devices due to improper initialization of the underlying PRNG," Klyubin wrote. "Applications that directly invoke the system-provided OpenSSL PRNG without explicit initialization on Android are also affected."
The flaw was discovered on Sunday by Bitcoin developers. The vulnerability apparently occurs in an Android component that generates secure random numbers (PRNG). Because the problem is rooted in the operating system, every Bitcoin digital wallet generated by an Android app can be affected by the weakness.
Google confirms Android flaw that led to Bitcoin theft
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.