DaMan
Active Member
- Joined
- Nov 17, 2003
- Location
- South of Nowhere
<center><a href="http://www.bgr.com/2012/02/09/hackers-crack-google-wallet-security-on-rooted-galaxy-nexus-video"><img class="size-full wp-image-114271 aligncenter" title="Google-Wallet-Samsung-Nexus" src="http://www-bgr-com.vimg.net/wp-content/uploads/2011/11/Google-Wallet-Samsung-Nexus.jpg" alt="" width="652" height="489" /></a></center>
The security experts at zVelo have discovered a vulnerability in Google Wallet that allows them to “easily reveal” users’ PINs. If a Google Nexus is rooted, Google Wallet’s PIN verification system can be cracked using a brute force attack. zVelo said on Wednesday that it immediately reported its findings to Google, and the company “agreed to work quickly to resolve it,” although the researchers said Google “ran into obstacles.” To fix the problem, the PIN verification must be moved into the secure element of the NFC chip in a device, however to do so Google must apparently coordinate with banks. Moreover, changing the way a PIN is stored will also change which company is responsible for its security. Read on for more. <span id="more-126382"></span>
If users refrain from rooting their devices, enable a passcode to lock their device, disable USB debugging and enable Full Disk Encryption, they will be better protected from a possible attack. Google released <a href="http://thenextweb.com/google/2012/02/09/google-is-reportedly-working-to-fix-a-major-google-wallet-security-flaw/">a statement to <em>TheNextWeb</em></a> and ensures users that the vulnerability only affects rooted devices. “We strongly encourage people to not install Google Wallet on rooted devices and to always set up a screen lock as an additional layer of security for their phone,” said a company spokesperson.
<center><object width="651" height="361" classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0"><param name="allowFullScreen" value="true" /><param name="allowscriptaccess" value="always" /><param name="src" value="http://www.youtube.com/v/P655GXnE_ic?version=3&hl=en_US&rel=0" /><param name="allowfullscreen" value="true" /><embed width="651" height="361" type="application/x-shockwave-flash" src="http://www.youtube.com/v/P655GXnE_ic?version=3&hl=en_US&rel=0" allowFullScreen="true" allowscriptaccess="always" allowfullscreen="true" /></object></center>
<a href="https://zvelo.com/blog/entry/google-wallet-security-pin-exposure-vulnerability">Read</a>
<img src="http://feeds.feedburner.com/~r/TheBoyGeniusReport/~4/rp9aDDpLc_M" height="1" width="1"/>
Via BRG - Boy Genius Report
The security experts at zVelo have discovered a vulnerability in Google Wallet that allows them to “easily reveal” users’ PINs. If a Google Nexus is rooted, Google Wallet’s PIN verification system can be cracked using a brute force attack. zVelo said on Wednesday that it immediately reported its findings to Google, and the company “agreed to work quickly to resolve it,” although the researchers said Google “ran into obstacles.” To fix the problem, the PIN verification must be moved into the secure element of the NFC chip in a device, however to do so Google must apparently coordinate with banks. Moreover, changing the way a PIN is stored will also change which company is responsible for its security. Read on for more. <span id="more-126382"></span>
If users refrain from rooting their devices, enable a passcode to lock their device, disable USB debugging and enable Full Disk Encryption, they will be better protected from a possible attack. Google released <a href="http://thenextweb.com/google/2012/02/09/google-is-reportedly-working-to-fix-a-major-google-wallet-security-flaw/">a statement to <em>TheNextWeb</em></a> and ensures users that the vulnerability only affects rooted devices. “We strongly encourage people to not install Google Wallet on rooted devices and to always set up a screen lock as an additional layer of security for their phone,” said a company spokesperson.
<center><object width="651" height="361" classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0"><param name="allowFullScreen" value="true" /><param name="allowscriptaccess" value="always" /><param name="src" value="http://www.youtube.com/v/P655GXnE_ic?version=3&hl=en_US&rel=0" /><param name="allowfullscreen" value="true" /><embed width="651" height="361" type="application/x-shockwave-flash" src="http://www.youtube.com/v/P655GXnE_ic?version=3&hl=en_US&rel=0" allowFullScreen="true" allowscriptaccess="always" allowfullscreen="true" /></object></center>
<a href="https://zvelo.com/blog/entry/google-wallet-security-pin-exposure-vulnerability">Read</a>
<img src="http://feeds.feedburner.com/~r/TheBoyGeniusReport/~4/rp9aDDpLc_M" height="1" width="1"/>
Via BRG - Boy Genius Report
