- Jul 9, 2013
- 7
- 11
Hi all,
I believe most of you came accross the trending topic these days, the recently discovered criptographic bug named Heartbleed.
As far as I know, it also affect some Android phones, as OpenSSL is baked inside. Not that I was especially worried about that, but I came accross a detector app (powered by the guys behind Lookout Mobile Security) named Heartbleed Detector. It seems that it actually detect the version of OpenSSL being used on the phone, and would tell if the phone is actually vulnerable or not.
I have MI2S, running MIUI 4.4.4 (based on Android 4.1.1 JRO03L). The Heartbleed Detector said my phone is vulnerable (see file attached).
Well, I would like to know a couple of things:
Thanks in advance.
I believe most of you came accross the trending topic these days, the recently discovered criptographic bug named Heartbleed.
As far as I know, it also affect some Android phones, as OpenSSL is baked inside. Not that I was especially worried about that, but I came accross a detector app (powered by the guys behind Lookout Mobile Security) named Heartbleed Detector. It seems that it actually detect the version of OpenSSL being used on the phone, and would tell if the phone is actually vulnerable or not.
I have MI2S, running MIUI 4.4.4 (based on Android 4.1.1 JRO03L). The Heartbleed Detector said my phone is vulnerable (see file attached).
Well, I would like to know a couple of things:
- Can this be easily fixed ?
- Should I update to a safe version of OpenSSL (and if so, how do I do that) ?
- Or is some patch from MIUI developers expected ? Maybe the patch should be done by Google in Android itself first, and then mirrorred in some upcoming MIUI update ?
Thanks in advance.
![Screenshot_2014-04-12-08-40-05[1].png](/community/data/attachments/6/6618-4b44feca3a667b59db1cbc18a961f906.jpg)
