On Thu, Jun 12, 2014 at 9:30 PM, Neil Burlock <[email protected]> wrote:
> I just received a cryptic email from Google stating that "one or more" or my
> apps is using outdated SSL code.
>
> Is there some reliable way for me to find out what they are referring to? I
> haven't implemented SSL into my apps, so it has to be some 3rd party tool
> that's doing it.
>
> The email threatens that if I guess it wrong, my apps could be suspended.
> Three or more policy violations usually equals account termination. I could
> update all APIs used and I could still miss whatever is doing it because it
> might be some feature built into the tool I used to write the apps.
>
> Google knows which apps are affected, and I need to find out what they know.
>
> I've been unable to find a way to contact anyone at Google for help. I've
> tried searching, but I keep ending up at the "help center".
>
> Is there some sort of email address for security issues?
>
Someone asked a similar question on Stack Overflow:
http://stackoverflow.com/questions/24197777/google-play-openssl-warning-message.
Are your SDK tools, platform tools and build tools up to date? Don't
the ad libraries come in through `android` program? I.e.,
sudo /opt/android-sdk/tools/android
--
You received this message because you are subscribed to the Google Groups
"Android Security Discussions" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/android-security-discuss.
For more options, visit https://groups.google.com/d/optout.
