If you installed CyanogenMod on your Android, then your device is purportedly vulnerable to a zero-day blamed on code re-use. At the Ruxcon Security Conference in Australia, an unnamed security researcher revealed that CyanogenMod developers “copy-pasted” Oracle’s “sample code for Java 1.5” and that’s what puts Android devices with CyanogenMod at risk of man-in-the-middle attacks.  

The Register reported that the security researcher does not want his name used, but he warned that CyanogenMod and a “ton of others” have reused code that was reported to have SSL vulnerabilities back in 2012. He said:

To read this article in full or to leave a comment, please click here