I'm finding a LOT of vulnerable Android apps that CERT's automated scan missed in 2014 http://www.cert.org/blogs/certcc/post.cfm?EntryID=204 …
@sambowne @aubrey_lab Modifying an application's code doesn't really seem valid. Installing a malicious app is risky on mostly any platform.
-
-
.
@wdormann Every company who'll talk to me admitted they needed binary protections. None of them denied its importance. -
@sambowne When the underlying OS doesn't enforce code signing, how can one expect an application to prevent itself from being modified? - 1 more reply
New conversation -
-
-
.
@wdormann Apps should have binary protections, so modified apps won't run. OWASP agrees--see M10 https://samsclass.info/android/ -
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.