[Cryptography] Need Debunking help
Jerry Leichter
leichter at lrw.com
Fri May 2 17:18:08 EDT 2014
On May 2, 2014, at 4:56 PM, Tom Ritter <tom at ritter.vg> wrote:
> ...Working on SDCard, which is a no-no
> fileoutputstream = new FileOutputStream((new
> StringBuilder("/sdcard/")).append(MainActivity.decodeURIComponent(s)).toString());
>
> They embed a webview, which has some dangerous options... Looking like they're overriding certificate validation. Yay. ;)
>
> Posting username and password over HTTP in the URL? ...
One wonders if it's actually malware....
-- Jerry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4813 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140502/08bd50b7/attachment.bin>
More information about the cryptography
mailing list