Android OS/V1

From Violations Tracker
Jump to: navigation, search

Use of MD5 for manual ADB public key fingerprint display and verification

Status: Current — The violation is standing.

Android secures USB ADB debug access to a device via public key. However, an Android device will prompt a user to authorize a public key upon ADB connection attempt by displaying the MD5 fingerprint of the certificate used to initiate the connection. The use of MD5 is deprecated.