along_the_road@beehaw.org to Technology@beehaw.org · 12 days agoHackers can steal 2FA codes and private messages from Android phonesarstechnica.comexternal-linkmessage-square7fedilinkarrow-up144arrow-down10cross-posted to: technology@lemmy.zip
arrow-up144arrow-down1external-linkHackers can steal 2FA codes and private messages from Android phonesarstechnica.comalong_the_road@beehaw.org to Technology@beehaw.org · 12 days agomessage-square7fedilinkcross-posted to: technology@lemmy.zip
minus-squareMidnitte@beehaw.orglinkfedilinkEnglisharrow-up4·12 days agoAuthenticator app just needs to implement FLAG_SECURE, no? Seems more like an app dev issue
minus-squarejherazob@beehaw.orglinkfedilinkEnglisharrow-up4·11 days agoLooks like this works regardless of that
minus-squareMidnitte@beehaw.orglinkfedilinkEnglisharrow-up4·11 days agoLooks like you might be right - though I imagine disabling the ability to draw over apps with that security flag in place would do a lot to mitigate… but… im also not a security researcher
Authenticator app just needs to implement FLAG_SECURE, no?
Seems more like an app dev issue
Looks like this works regardless of that
Looks like you might be right - though I imagine disabling the ability to draw over apps with that security flag in place would do a lot to mitigate… but… im also not a security researcher