You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

2013-10-14-android-security.org 732B

As a reminder, Android is open source but is not a community project; there is a difference. Please try and submit a patch for this and see how far it gets you.

Some time ago, I was adding secure authentication to my APRSdroid app

for Amateur Radio geolocation. While debugging its TLS handshake, I

noticed that RC4-MD5 is leading the client's list of supported ciphers

and thus wins the negotiation. As the task at hand was about

authentication, not about secrecy, I did not care.

http://op-co.de/blog/posts/android\_ssl\_downgrade/ via http://sparkslinux.wordpress.com/2013/10/14/why-android-ssl-was-downgraded-from-aes256-sha-to-rc4-md5-in-late-2010/