Google has confirmed reports of a weakness in Android's Java Cryptography Architecture (JCA) that has left bitcoin wallets generated on Android devices vulnerable to theft.
The issue came to light last weekend, with reports that around $5,700 worth of the bitcoin cryptocurrency had been stolen as a result of the vulnerability on Android.
"We
have now determined that applications which use the Java Cryptography
Architecture (JCA) for key generation, signing, or random number
generation may not receive cryptographically strong values on Android
devices due to improper initialization of the underlying PRNG,"
explained Android security engineer Alex Klyubin in a post on Google's Android developers blog.
"Applications that directly invoke the .....read full new at Guardian
No comments:
Post a Comment