On 07/30/2014 03:50 PM, Bruno Girin wrote: > Hi all, > > I just found this article on the "Fake ID" exploit in Android [1]. How is > privileged access meant to work in Ubuntu Touch and should that sort of > exploits > be a concern? > > Cheers, > > Bruno > > [1] > http://arstechnica.com/security/2014/07/android-crypto-blunder-exposes-users-to-highly-privileged-malware/
Ubuntu's security model is considerably different[1][2] than android. There is no concept of granting special access based on app certificate so there is nothing to forge to gain privilege. [1]https://wiki.ubuntu.com/SecurityTeam/Specifications/ApplicationConfinement [2]http://developer.ubuntu.com/publish/apps/security-policy-for-click-packages/ -- Jamie Strandboge http://www.ubuntu.com/
signature.asc
Description: OpenPGP digital signature
-- Mailing list: https://launchpad.net/~ubuntu-phone Post to : ubuntu-phone@lists.launchpad.net Unsubscribe : https://launchpad.net/~ubuntu-phone More help : https://help.launchpad.net/ListHelp
