Recent news articles pointed out that the Android OS has a flaw that enables any installed app to access information copied to the clipboard. This presents a problem for virtually every password management program (e.g., Lastpass, Keepass). See this link for more info: http://www.talkandroid.com/227369-password-managers-on-android-are-not-as-secure-as-one-would-think/
Note: I tested for and verified that this flaw exists by copying a newly created Login and Password that I stored in KeePass, and then using the proof-of-concept App (mentioned in the above article) ClipCaster to see if it could "capture" the data; it did. In other words, password managment apps like Lastpass and KeePass store logins/passwords and allow users to copy them to the clipboard for easy entering into online forms, etc. The Android OS flaw enables any app to access this data, and requires no extra permissions to do so.
So, I am wondering if there is anything that Webroot can do to protect us from this?
Page 1 / 1
Hello!
That is a very serious security issue. While Webroot and other AV companies may be able to implement something to help keep this from happening, it is more a coding fault within the OS itself. Google should introduce a patch for this flaw as that will be a safest and best way to fix the issue.
EDIT: Correct the OS system manufacturer.
That is a very serious security issue. While Webroot and other AV companies may be able to implement something to help keep this from happening, it is more a coding fault within the OS itself. Google should introduce a patch for this flaw as that will be a safest and best way to fix the issue.
EDIT: Correct the OS system manufacturer.
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.