Linux flaw also affects Android/Sailfish devices
 

https://blog.lookout.com/blog/2016/0...ility-android/

Linux flaw that allows anyone to hijack Internet traffic also affects 80% of Android devices

Probably Jolla C too with Dalvik installed?

Edit: Jolla C and Tablet seems to be also vulnerable

Re: Linux flaw also affects Android devices
 

It is my understanding that the vulnerability is in the kernel. IOW, it does not make a difference whether AD is used or not.

What kernel version does JC use? J1 has 3.4, too old and thus safe.

Re: Linux flaw also affects Android devices
 

I think that Jolla C was using at least 3.6
So it might be vulnerable as well

Re: Linux flaw also affects Android devices
 

Jolla C kernel is 3.10.49

Re: Linux flaw also affects Android devices
 

In other words: it's vulnerable :(

Re: Linux flaw also affects Android/Sailfish devices
 

No a very serious flaw.

TCP connection hijacking can only ever be used against unencrypted connections so for example ssl/ssh connections are safe provided you don't override certificates :)

Re: Linux flaw also affects Android/Sailfish devices
 

Not exactly so, this attack, while not 'easy' still, does enables attacking (downgrading) SSL connections.
It has been possible for some years, by MiTM attacks, the situation now however is it is no longer needed to be on the same network (MiTM), you do however, need to know IP adress of both targets. (Victim and server).

Re: Linux flaw also affects Android/Sailfish devices
 

does anyone ever exploit these flaws and make serious money off them?

Re: Linux flaw also affects Android/Sailfish devices
 

Besides the NSA?

Re: Linux flaw also affects Android/Sailfish devices
 

NSA et al do not need this exploit to read your emails and eavesdrop on your browsing. They can simply request the data from your ISP. In the worst case they can use the backdoors in encryption algorithms.