along_the_road ( @along_the_road@beehaw.org ) to Technology · 2 months agoHackers can steal 2FA codes and private messages from Android phonesarstechnica.comexternal-linkmessage-square7linkfedilinkarrow-up144cross-posted to: android@lemdro.idtechnology@lemmy.zip
arrow-up144external-linkHackers can steal 2FA codes and private messages from Android phonesarstechnica.com along_the_road ( @along_the_road@beehaw.org ) to Technology · 2 months agomessage-square7linkfedilinkcross-posted to: android@lemdro.idtechnology@lemmy.zip
minus-square Midnitte ( @Midnitte@beehaw.org ) linkfedilinkEnglisharrow-up4·2 months agoAuthenticator app just needs to implement FLAG_SECURE, no? Seems more like an app dev issue
minus-square jherazob ( @jherazob@beehaw.org ) linkfedilinkEnglisharrow-up4·2 months agoLooks like this works regardless of that
minus-square Midnitte ( @Midnitte@beehaw.org ) linkfedilinkEnglisharrow-up4·2 months agoLooks like you might be right - though I imagine disabling the ability to draw over apps with that security flag in place would do a lot to mitigate… but… im also not a security researcher
Authenticator app just needs to implement FLAG_SECURE, no?
Seems more like an app dev issue
Looks like this works regardless of that
Looks like you might be right - though I imagine disabling the ability to draw over apps with that security flag in place would do a lot to mitigate… but… im also not a security researcher