along_the_road@beehaw.org to Technology@beehaw.org · 3 days agoHackers can steal 2FA codes and private messages from Android phonesarstechnica.comexternal-linkmessage-square6fedilinkarrow-up144arrow-down10cross-posted to: [email protected][email protected]
arrow-up144arrow-down1external-linkHackers can steal 2FA codes and private messages from Android phonesarstechnica.comalong_the_road@beehaw.org to Technology@beehaw.org · 3 days agomessage-square6fedilinkcross-posted to: [email protected][email protected]
minus-squareMidnitte@beehaw.orglinkfedilinkEnglisharrow-up4·2 days agoAuthenticator app just needs to implement FLAG_SECURE, no? Seems more like an app dev issue
minus-squarejherazob@beehaw.orglinkfedilinkEnglisharrow-up4·2 days agoLooks like this works regardless of that
minus-squareMidnitte@beehaw.orglinkfedilinkEnglisharrow-up4·2 days agoLooks like you might be right - though I imagine disabling the ability to draw over apps with that security flag in place would do a lot to mitigate… but… im also not a security researcher
Authenticator app just needs to implement FLAG_SECURE, no?
Seems more like an app dev issue
Looks like this works regardless of that
Looks like you might be right - though I imagine disabling the ability to draw over apps with that security flag in place would do a lot to mitigate… but… im also not a security researcher