150M Android Apps Still Susceptible to Heartbleed
April 24, 2014 12:48 PM
comment(s) - last by
Researchers say that some of the 17 apps for Android claiming to search for Heartbleed are fake
Heartbleed has been an
interesting topic of discussion for the past few weeks
. Just last week, a
19-year-old Canadian was arrested
for allegedly hacking into the Canada Revenue Agency (CRA) portal by using Heartbleed.
Word has now surfaced that Heartbleed may be ready to cause a significant problem for Android users. Reports indicate that 150 million Android apps are vulnerable to Heartbleed. Security researchers say that while there are 17 Android apps that are able to scan for Heartbleed, at least six of that number use methods of scanning that are insufficient.
The findings came from
researchers Yulong Zhang, Hui Xue and Tao Wei. The researchers wrote, "For the Android platform, we find that roughly 150M downloads of Android apps contain OpenSSL libraries vulnerable to Heartbleed."
Some versions of Android aren’t vulnerable to Heartbleed, including Jelly Bean 4.1 and 4.1.1, since they don't use OpenSSL or use it in a way where the flawed features susceptible to Heartbleed are disabled by default.
Most of the apps that are vulnerable are games according to the researchers.
On the plus side, the number of apps vulnerable to Heartbleed has declined according to the researchers since April 10 when 220 million were estimated to be vulnerable.
This article is over a month old, voting and posting comments is disabled
RE: Word has just now surfaced?
4/24/2014 2:47:32 PM
I would rather no news than the typical overhyped nature of Android security reports.
I mean most Heartbleed articles, including this one, paint the picture of imminent threats to the end user. As if millions and millions of Android devices are on the verge of being hacked at any moment.
But what does Heartbleed ACTUALLY mean for the end user? The articles never say!
Turns out it's mostly nothing:
When you read this and see how Heartbleed actually leaves you vulnerable, and what a hacker would have to go through to get any useful information, it's highly unlikely Heartbleed poses a real-world risk to the end user.
Also people are reporting that every Android device not running Jelly Bean or Kit Kat is at risk. Which is just not true at all.
"If they're going to pirate somebody, we want it to be us rather than somebody else." -- Microsoft Business Group President Jeff Raikes
Mounties Arrest 19-Year-Old Who Delayed Canada's Tax Filing w/ Heartbleed
April 17, 2014, 3:24 PM
EFF: NSA May Have Used IRC Botnets to Exploit Heartbleed for Last Two Years
April 14, 2014, 4:43 PM
Target Missed Early Warning Signs of Holiday Data Breach
March 13, 2014, 1:45 PM
Tech's Biggest Loser on Tax Day: eBay Pays Nearly 99 Percent Tax Rate
April 15, 2015, 3:28 PM
Death and Dragons -- Report Claims Game of Thrones Hit by Piracy "Tidal Wave"
April 10, 2015, 8:37 AM
Court Blocks Twitter and YouTube in Turkey After Pro-Communist Attack in Istanbul
April 6, 2015, 10:53 AM
In Graphics and Quotes: $10.4 Billion Charter & Bright House Merger
April 2, 2015, 5:19 PM
WSJ Report Implies That Google Leveraged Lobbying to Kill Antitrust Abuse Probe
March 25, 2015, 5:37 PM
Nationalist Hackers From Turkey Cause Chaos, Deface Dozens of Sites
March 16, 2015, 12:29 PM
Most Popular Articles
HBO to VPN HBO Now Users: Prove You Live in U.S. or We Will Terminate You
April 21, 2015, 12:17 PM
Quick Note: Lady Macbath -- One Japanese Woman's Apple Themed Revenge
April 23, 2015, 11:47 AM
Colorado Man Cited for "Killing His Computer" With a Handgun
April 22, 2015, 1:06 PM
AMD CEO: Windows 10 Will Launch at "The End of July"
April 20, 2015, 7:24 PM
Even Hillary Clinton Was Addicted to Nintendo Gameboy
April 21, 2015, 10:30 PM
Latest Blog Posts
Sceptre Airs 27", 120 Hz. 1080p Monitor/HDTV w/ 5 ms Response Time for $220
Dec 3, 2014, 10:32 PM
Costco Gives Employees Thanksgiving Off; Wal-Mart Leads "Black Thursday" Charge
Oct 29, 2014, 9:57 PM
"Bear Selfies" Fad Could Turn Deadly, Warn Nevada Wildlife Officials
Oct 28, 2014, 12:00 PM
The Surface Mini That Was Never Released Gets "Hands On" Treatment
Sep 26, 2014, 8:22 AM
ISIS Imposes Ban on Teaching Evolution in Iraq
Sep 17, 2014, 5:22 PM
More Blog Posts
Copyright 2015 DailyTech LLC. -
Terms, Conditions & Privacy Information