Guest Loxley Posted December 26, 2009 Report Posted December 26, 2009 Hi there! The attached update.zip contains an updated certificate store. It is based on the original one from Android GitWeb (eclair snapshot), but I added the root certificate for StartSSL which is trusted by the Mozilla Foundation, Apple and Microsoft, but somehow didn't make it into android. (The old Startcom FreeSSL certificate is included in android, but you won't find that in the wild anymore.) Hope it saves someone some time Niki update.zip The contained Certificates: certs.txt
Guest ippoP Posted December 26, 2009 Report Posted December 26, 2009 Hope it saves someone some time I hope this important piece of information is safe! IMHO playing with certificates can be very dangerous. Any idea about this otherwise wonderful piece of news?
Guest Loxley Posted December 26, 2009 Report Posted December 26, 2009 I hope this important piece of information is safe! It's all about trust isn't it? Why should you trust my certificate store? I might have slipped in a certificate that would allow me to pretend I'm [google|microsoft|amazon], now I just would have to lure you to my faked homepage... Let's be a wee bit paranoid: You have rooted your phone, did a update.zip contain a malicious keystore? You're using Paul's roms, did he tamper with the certitficate store at one time? Pauls roms are based on the roms other people put on the net, did Paul check the store? Did you check that it always and with every update.zip was the original one? Honestly, if your phone is rooted you put a lot of things in gods hands, and if I wanted to start a scam, I would use a phone with a bigger market share. And I would find a more reliable way to part you from your money. Have a nice day Niki
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now