Android SSL Pinning

Introduction

Modern requirements to mobile data processing apps designed for work with personal and financial data include secure data transfer over the Internet. SSL pinning is a mechanism used to satisfy this requirement: it enables the user to identify a server based on an SSL certificate stamp embedded into the app. This makes Man-In-the-Middle attacks almost impossible and prevents the interception of the data traffic between a client and a server.

cyberlands.io

Read full article →


Counter-Forensics. Protecting your smartphone against the Five Eyes

The Editorial Board decided to publish this material after reviewing a large number of articles in various periodicals, including technical ones. All these publications, with no exceptions, repeat the same trivial recommendations: “use a complex screen lock code”, “enable the fingerprint scanner”, “disable Smart Lock”, “make use of two-factor authentication”, and the most sarcastic recommendation for many Android users: “update your OS”. No doubt, all these steps make sense, but are they sufficient to make your phone secure? We believe not.

Read full article →


Encoder for Android: сomplete software anatomy

Until recently, based on the results of surveys and personal experience, I had the impression that users believe that the value of data stored on a device greatly exceeds the cost of the device itself. Why until recently? Well, the current US dollar exchange rate means that I haven’t seen such surveys among new iPhone users :).

Read full article →