Androidアプリの暗号化キーに関する脆弱性をIBMが指摘、修正パッチはAndroid4.4にのみ配布され全体の約86%は依然危険にさらされたまま
http://gigazine.net/news/20140630-android-keystore-vulnerability/
Android KeyStore Stack Buffer Overflow
http://securityintelligence.com/android-keystore-stack-buffer-overflow-to-keep-things-simple-buffers-are-always-larger-than-needed/
Serious Android crypto key theft vulnerability affects 86% of devices | Ars Technica
http://arstechnica.com/security/2014/06/serious-android-crypto-key-theft-vulnerability-affects-86-of-devices/