Bug #1737
Orbot affected by Andoid SecureRandom security flaw
| Status: | Closed | Start date: | 08/19/2013 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: | - | % Done: | 0% | |
| Category: | - | Spent time: | - | |
| Target version: | v13 - For Aaron | |||
| Component: |
Description
Hi,
just wanted to check if Orbot is affected by the Android SecureRandom security flaw:
http://www.symantec.com/connect/blogs/android-cryptographic-issue-may-affect-hundreds-thousands-apps
History
#1 Updated by n8fr8 about 4 years ago
- Target version set to v13 - For Aaron
#2 Updated by n8fr8 about 4 years ago
- Status changed from New to Resolved
No... Orbot does not use any of the Java SecureRandom classes. It does all the cryptography work in OpenSSL in the native/Linux layer.
#3 Updated by n8fr8 almost 4 years ago
- Status changed from Resolved to Closed