cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Join now - be part of our community!

Heartbleed bug on android devices....

Fawaz
Visitor
April 2014
April 2014

Heartbleed bug on android devices....

I saw a post about a heart bleed bug attack on android devices...does anybody know any infromation and how to protect our data?

0 Kudos
Reply
5 REPLIES 5
blackbox
Contributor
Contributor
April 2014
April 2014

It affects web servers, not android devices.

You may or may not wish to change passwords to internet services like social media and online banking, but you don't need to do anything to your phone.
0 Kudos
Reply
Mikeyc1
Visitor
April 2014
April 2014

I don't believe that is the case. It is my understanding that many android devices and applications are also at risk. Thus includes for instance users of android 4.1.1 which runs on quite a few phones - e.g. My Experia E. So my question is what are Sony doing about this?
0 Kudos
Reply
Danial-mach1
Leader
Leader
April 2014
April 2014

as i know we cant do anything..web servers(google play or else) must update their security systems to pervent attack

0 Kudos
Reply
blackbox
Contributor
Contributor
April 2014
April 2014

Yep, seems 4.1.1. uses the offending OpenSSL library. Sony have declined to comment (surprise, surprise):

http://www.bbc.co.uk/news/technology-27020256

Really, though the risk is very small as far as your phone goes. The much greater risk is having passwords stolen from a vulnerable website that you use. I imagine it's extremely unlikely to be patched on the E.

0 Kudos
Reply
blackbox
Contributor
Contributor
April 2014
April 2014

Quick update for anyone still worried about this. There's a better Heartbleed scanner that scans apps as well as the core Android stuff:

https://play.google.com/store/apps/details?id=com.bblabs.heartbleedscanner

Turns out the Netflix app and OfficeSuite on my phone are vulnerable. The risk is pretty small. Maybe very small - not sure how anyone can use the exploit without, say, setting up a fake Netflix server and somehow directing you to it. All the same I might disable those for the time being until fixed.

0 Kudos
Reply
1898421posts