这个必须赞!军校萌妹子的创意航拍毕业照 -军报记者
百度 上交所表示,2008年起,上交所探索建立查审分离的纪律处分机制。
Questions tagged [Android] should focus on security of the operating system itself, or of Android-specific apps. Questions about Android that are not directly security-related should be asked at android.stackexchange.com.
1,396 questions
-1
votes
0
answers
65
views
CPU-light local encryption solution for mobile devices?
I'd like to locally encrypt files and folders on Android before uploading them to a cloud storage service, just in case the cloud is not as private as advertised and assuming it faces higher threats ...
- 134k
0
votes
0
answers
46
views
Can I trust TeraBox? [closed]
TeraBox providing 1 TB completely for free looks so delicious, even too delicious to be real...
I have read a lot about TeraBox from the Internet and now I suppose that there are some connection ...
1
vote
1
answer
57
views
In PCI DSS SAQ A, does "customer’s browser" include merchant apps using TPSP-provided UI elements for card data?
I’m trying to understand a PCI DSS SAQ A requirement that says:
"All elements of the payment page(s)/form(s) delivered to the
customer’s browser originate only and directly from a PCI DSS
...
CommunityBot
- 1
2
votes
2
answers
629
views
Suspicious "ChromeSync" pop-up in Android requesting credentials
Since late May, I have been getting suspicious pop-up messages overlay on top of android Apps (see screenshots), requesting entering of the "ChromeSync Passphrase" for my google account.
I ...
CommunityBot
- 1
1
vote
1
answer
804
views
How to set autorunscript of core commands?
I'm trying to automate scripts of an Android Metasploit payload. I can successfully automate any script on the /post module, however, I'm trying to automate geolocate, dump_calllog and others that are ...
CommunityBot
- 1
4
votes
1
answer
74
views
What is best way to intercept http traffic on an APK that uses WebView
I have this project where I am trying to to intercept HTTPS traffic of an APK.
I have done this plenty of times with HTTP Toolkit and Bypassing pinning.
This project however has been very difficult as ...
- 136k
2
votes
1
answer
754
views
Confirming the validity/ownership of a Android Signing Certificate
I have a certificate that says the application was signed by Google, but on multiple searches I have reason to believe that it's not actually a google signing certificate.
Is there a way to query ...
CommunityBot
- 1
0
votes
1
answer
235
views
How does Android/Firefox authenticate the Android Pocket app, for example?
I installed the Android Pocket app and logged in. My default browser is Firefox, which is already logged in to my Firefox account. This meant I did not have to enter my Firefox account password. ...
CommunityBot
- 1
1
vote
1
answer
84
views
Is Android Keystore/iOS Keychain without biometric authentication still secure against physical access attacks?
I'm implementing refresh token storage in a mobile app and trying to understand the practical security differences between these two approaches:
Option 1: Hardware-backed storage WITHOUT biometric ...
- 7,051
2
votes
1
answer
248
views
Is it possible to move image files from a text thread on a phone to a virtual box without downloading them?
I'm looking into a spam bot that's been sending me messages on my phone (Samsung s10). It's sent a couple images that I want to try and scrape for metadata and do a reverse image search on. Since the ...
CommunityBot
- 1
0
votes
1
answer
393
views
MDM & "Work Profile" Implications on Android 14
What are the privacy implications of using an MDM "work profile" on your own Android 14 device? First, an MDM app such as MaaS360 must create the work profile while running in the personal ...
CommunityBot
- 1
3
votes
1
answer
6k
views
Security risks with setDomStorageEnabled(true) in Android?
What are the security risks associated with enabling setDomStorageEnabled(true) method?
Reference.
CommunityBot
- 1
2
votes
2
answers
415
views
Phone Number Appears to Have Been Temporarily Hijacked
What Happened:
At 8:40am Telegram sends me a login code via the Telegram desktop app.
At 8:44am Telegram informs me that someone has logged into my
account via ip address #1 (appears to be PIA vpn)
I ...
- 12.9k
1
vote
1
answer
358
views
Multiple SMS activation codes received by error
For several days now I am receiving activation codes by SMS that look like this:
Your ToYou verification code is 8058
Some are from ToYou, that seems to be a delivery service, others are from similar ...
CommunityBot
- 1
0
votes
1
answer
125
views
Securing OpenSSL for my Android project
I am working on a security-related project and have to make sure there are no OpenSSL attacks.
According to my understanding, OpenSSL attacks can be at at hardware as well as software level. Currently ...
- 24.9k