ID: IRCNE2013081930
Date: 2013-08-19
According to "computerworld", Google is distributing patches for a cryptography flaw in Android that may affect hundreds of thousands of applications.
Affected applications are those that rely on the pseudo random number generator (PRNG) within the Java Cryptography Architecture." Klyubin wrote.
Random numbers are used in part to generate secure encryption keys and for other cryptography processes. In some cases, the numbers were not "cryptographically strong values," Klyubin wrote.
Application developers are advised to "evaluate whether to regenerate cryptographic keys or other random values previously generated," he wrote.
At least four Android Bitcoin clients -- Bitcoin Wallet, Blockchain, Mycelium Bitcoin Wallet and BitcoinSpinner -- were fixed just before Google's patch release.
- 2