Welcome to XDA

Search to go directly to your device's forum

Register an account

Unlock full posting privileges

Ask a question

No registration required
Post Reply

Heartbleed an issue for our GS3?

OP DurhamHusker

10th April 2014, 04:19 AM   |  #1  
DurhamHusker's Avatar
OP Senior Member
Flag Kansas City
Thanks Meter: 125
 
272 posts
Join Date:Joined: Nov 2010
More
;So ... at the behest of some of the "security experts" I downloaded the Bluebox Heartbleed Scanner from the Play Store and got the following interesting results.

I'm running a TW ROM based on Samsung's Android 4.3 release. I was under the impression that only Android 4.1 was affected. So should we be worried?

Last edited by DurhamHusker; 10th April 2014 at 04:29 AM.
10th April 2014, 06:14 AM   |  #2  
DurhamHusker's Avatar
OP Senior Member
Flag Kansas City
Thanks Meter: 125
 
272 posts
Join Date:Joined: Nov 2010
More
I emailed the developers of the scanner app and here is their response concerning our GS3 on Android 4.3:

--

The version of OpenSSL is within the affected range but the heartbeats feature has been disabled, leaving you safe. *It turned out the version number isn't enough to confirm vulnerability.

We are working on a scanner update that will test whether the OpenSSL library has the heartbeat feature enabled/disabled rather than relying on the version number alone. That should fix the confusion you are seeing. *Stay tuned.

Thanks for the feedback!

- Jeff
11th April 2014, 09:29 PM   |  #3  
Junior Member
Thanks Meter: 0
 
3 posts
Join Date:Joined: Apr 2014
It would have said "this version ... is vulnerable, but heartbeats are disabled so you're safe" if things were OK.
It says so on my phone.
Maybe you should giveit another try with the curren version, I have 1.2.1 from playstore.
Last edited by rudolfm; 11th April 2014 at 09:44 PM.
Post Reply Subscribe to Thread
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes