Introduction

We found a novel, critical attack again Android Phones. We reported this vulnerability to Google on June 20, 2011. In order to give them time to fix the issue, we have not published details of the attack yet.

We published this pdf that merely serves as a timestamp of discovery. It includes the SHA-512 hash of the full report as sent to Google.

Full Version

After Google informed us that they have fixed this vulnerabilty in their code base, we now provide the detailed version of our attack as pdf.

Press coverage

Print media (Online version linked if possible)

Heise Newsticker Online)   05. August 2011 (Externer Link)
Wochenspiegel (Online)   05. August 2011 (Externer Link)
L'essentiel (Online)   05. August 2011 (Externer Link)
Golem.de (Online)   05. August 2011 (Externer Link)
Datenschutz.de (Online)   05. August 2011 (Externer Link)
DRadio Wissen (Online)   05. August 2011 (Externer Link)
Silicon.de (Online)   05. August 2011 (Externer Link)
Saarbrücker Zeitung   06. August 2011
SR Online   06. August 2011 (Externer Link)
PC Games Hardware (Online)   07. August 2011 (Externer Link)
Computerwelt.at (Online)   08. August 2011 (Externer Link)
SWISS IT Magazine (Online)   08. August 2011 (Externer Link)
Wochenspiegel (Online, Video)   11. August 2011 (Externer Link)

Contact

In case of questions, please contact:

Prof. Dr. Michael Backes   [backes (at) cs (dot) uni-saarland (dot) de]
Sebastian Gerling   [sgerling (at) cs (dot) uni-saarland (dot) de]