We have moved to a new Sailfish OS Forum. Please start new discussions there.
5

Is Alien Dalvik affected by the Android vulnerabilities? [answered]

asked 2018-12-05 11:53:44 +0200

dominican gravatar image

updated 2018-12-05 19:27:23 +0200

I am newbie using sailfish, i am using some android apps like whatsapp and opera and I installed drweb security space to monitor the android apps, but it shows that Alien Dalvik have 5 vulnerabilities:

-ObjectInputStream Serialization (CVE-2014-7911) -Stagefright -OpenSSLX509Certificate (CVE-2015-3825) -Blueborne -Toast Overlay (CVE-2017-0752)

I would like to know you if those Alien Dalvik's Vulnerabilties affects me seriously? and if there is a plan to patch it?

edit retag flag offensive reopen delete

The question has been closed for the following reason "the question is answered, an answer was accepted" by dominican
close date 2018-12-22 18:17:47.774103

1 Answer

Sort by » oldest newest most voted
3

answered 2018-12-05 13:10:25 +0200

Sakke gravatar image

It's highly possible that these vulnerabilities can be exploited on Alien dalvik in some way but I'd take no big concern about this. It's rather the thing that some of those exploits can't even work on Sailfish since Android layer and Sailfish don't come along with all the functions and other stuff that are necessary to the vulnerabilities. For example Stagefright which is, as far as I've understood, about exploiting through MMS messages etc which Android layer isn't even capable on Sailfish OS

How about fixing these? I'm not so sure about the fixing process. We've discussed about the subject every now and then on here Jolla Together. I've understood that patching in some level is manageable but some patches require newer Android version (Alien dalvik) or even kernel related things.

Maybe someone who knows better can open up some things here too :)

edit flag offensive delete publish link more

Comments

1

Hurray! Alien dalvik problems protect us? 😄

potski ( 2018-12-06 09:59:20 +0200 )edit
1

I'd say it's not Alien dalvik problems themselves but rather the fact that Alien dalvik can't properly do things that are required in most of the Android vulnerabilities. In some cases it's about Alien dalvik not being able to force things on Sailfish OS (privilege issues or not implemented) and other cases about your discussed problems, perhaps.

Sakke ( 2018-12-06 21:01:04 +0200 )edit

Question tools

Follow
4 followers

subscribe to rss feed

Stats

Asked: 2018-12-05 11:53:44 +0200

Seen: 857 times

Last updated: Dec 05 '18

Related questions

Android VKB saves and suggests passwords in plaintext

WhatsApp notification [answered]

Why is Firefox' Sync functionality not supported (currently)? [answered]

[Request] Alien Dalvik full root [answered]

Suggestion: Switch to disable swiping in Android apps. [duplicate]

Android app settings lost when removing Alien Dalvik [released]

Bug: Android display timezone not set correctly [duplicate]

[Bug] Removing android App data [answered]

Skype video call ability [answered]

Android apps loses audio (resolved) [released]

Copyright © Jolla Ltd. 2013-2019. All rights reserved.
about | faq | help | privacy policy | terms of service | give feedback
Powered by Askbot version 0.7.49