Re: [security-dev] Android Developers Blog: Using Cryptography to Store Credentials Safely

Wednesday, 20 February 2013

I have heard one of the biggest challenges with Android apps is once the 
phone is rooted, you have access to the APK.  Basically any unencrypted 
secrets/tokens used by the app are vulnerable. At a bare minimum, OAuth 
interactions require (ClientID + ClientSecret) combination to be saved.

On 02/20/2013 05:27 AM, Bruno Oliveira wrote:
...
 Morning, just be careful with the earlier releases from 
 Android http://code.google.com/p/android/issues/detail?id=40578

 -- 
 "The measure of a man is what he does with power" - Plato
 -
 @abstractj
 -
 Volenti Nihil Difficile

 On Tuesday, February 19, 2013 at 11:20 PM, Anil Saldhana wrote:

>
http://android-developers.blogspot.com/2013/02/using-cryptography-to-stor...
>
> 

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

Re: [security-dev] Android Developers Blog: Using Cryptography to Store Credentials Safely