Hi my #Indian friends
! Let me show you another way to bypass the password protection in the official #Aadhaar #Android app.
Once again, in less than 1 minute, an attacker can access your #Aadhaar informations without having your password #AadhaarFailpic.twitter.com/J5gM9umHKo
-
-
Replying to @fs0c131y
But on top of physical access, the phone would need to be unlocked (meaning you know the phone’s password or pattern) and enable dev mode, right?
1 reply 1 retweet 1 like -
Replying to @ivRodriguezCA
You don't need to enable dev mode. You can launch the command with an app like
@termux for example1 reply 2 retweets 7 likes -
But that would require the attacker to install an app, wouldn’t it? It’s no different from being able to enable dev mod on the device. My point is that the attacker needs physical access and the password/pattern but that thread model is almos impossible to protect against, no?
1 reply 0 retweets 1 like -
Replying to @ivRodriguezCA @termux
Yes, a physical access is needed. It's clearly not impossible to protect your app against this kind of thread.
2 replies 2 retweets 3 likes -
loll sorry, meant *Threat
1 reply 0 retweets 0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.