Another Big Ol’ Android Vulnerability — Certifi-Gate

Another day, another Android vulnerability. Maybe it is as bad as Flash. “Dubbed Certifi-gate, the researchers say that vulnerabilities in the OEM (manufacturers of Android devices like Samsung, LG and Sony) implementation of Remote Support allows a third party app’s plugins to access a device’s screens and actions using an OEMs own signed certificates. That means a nefarious individual could see what you’re doing and control your phone or tablet. And according to the researchers, there’s no reasonable way to revoke the certificates as an end user.”