Mobile apps. Some polls. Is certificate pinning worthwhile?
-
Show this thread
-
Is root and jailbreak detection worthwhile?
9 replies 1 retweet 6 likesShow this thread -
Is code obfuscation worthwhile?
9 replies 1 retweet 4 likesShow this thread -
Will be interested to see what people think.
12 replies 0 retweets 5 likesShow this thread -
Replying to @cybergibbons
are you talking about "application shielding"? (a term which I don't love) Wired did a piece on it earlier this year.
1 reply 0 retweets 2 likes -
Replying to @kennwhite
I guess a subset of it. I agree with your take on it in here. An app should be secure even if totally open. But if it isn't, then this can deter attackers.https://www.wired.com/story/what-is-application-shielding/ …
1 reply 0 retweets 0 likes -
Replying to @cybergibbons @kennwhite
Interestingly skill is required to develop a secure app. Implementing obfuscation is trivial.
2 replies 0 retweets 0 likes -
Replying to @cybergibbons @kennwhite
Implementing /good/ obfuscation requires skill
1 reply 0 retweets 1 like -
Replying to @David3141593 @kennwhite
I think a lot of off the shelf tools make it hard enough to bypass. Still not seen several of the Chinese ones done.
1 reply 0 retweets 0 likes
It's just occurred to me that, if you're using someone else's obfuscator, you basically just have to trust them to not backdoor your app.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.