Somewhere, someone is going to make this a thing. Only, it's not really a thing. So let's just get out in front of it here.
Bluebox — the group behind this "Master Key" scare — has an app that will tell you if the exploit is on your phone, or if it's been patched. Cool. But remember:
- We're really not all worried about this. Here's the long version of why we're not worried about it.
- It's an exploit that needs to be fixed, and it's being fixed.
- Google took care of things on the server side, in Google Play.
- Google is patching things in the code side and working with the manufacturers to get it pushed out.
What we don't like to see is all of those scary "Unable to scan app xxxxxx, it may be trying to evade the scanner" lines. As if the apps themselves — apps we've been using for years — are to blame. That's bullshit.
And a word of advice, folks: If you're going to try Bluebox's little scanner app here, make sure you download it directly from Google Play, so you know it's safe. It'd be bad if someone used the "Master Key" exploit to circulate a malware-laden version of the scanner app without breaking the signature.
Us? We're uninstalling this thing ASAP.
- Filed under: