How My Rogue Android App Could Monitor & Brute-force Your App’s Sensitive Metadata

TL;DR: A rogue Android app could read any other App’s file metadata: filename, size, last modification date. If a filename contained sensitive predictable data, the rogue Android app could locally brute-force this, which was the case for Instagram on Android.… Continue Reading →

Print Share Comment Cite Upload Translate

APA

() » How My Rogue Android App Could Monitor & Brute-force Your App’s Sensitive Metadata. Retrieved from https://www.truth.cx/2016/09/08/how-my-rogue-android-app-could-monitor-brute-force-your-apps-sensitive-metadata/.

MLA

" » How My Rogue Android App Could Monitor & Brute-force Your App’s Sensitive Metadata." - , https://www.truth.cx/2016/09/08/how-my-rogue-android-app-could-monitor-brute-force-your-apps-sensitive-metadata/

HARVARD

» How My Rogue Android App Could Monitor & Brute-force Your App’s Sensitive Metadata., viewed ,

VANCOUVER

- » How My Rogue Android App Could Monitor & Brute-force Your App’s Sensitive Metadata. [Internet]. [Accessed ]. Available from: https://www.truth.cx/2016/09/08/how-my-rogue-android-app-could-monitor-brute-force-your-apps-sensitive-metadata/

CHICAGO

" » How My Rogue Android App Could Monitor & Brute-force Your App’s Sensitive Metadata." - Accessed . https://www.truth.cx/2016/09/08/how-my-rogue-android-app-could-monitor-brute-force-your-apps-sensitive-metadata/

IEEE

" » How My Rogue Android App Could Monitor & Brute-force Your App’s Sensitive Metadata." [Online]. Available: https://www.truth.cx/2016/09/08/how-my-rogue-android-app-could-monitor-brute-force-your-apps-sensitive-metadata/. [Accessed: ]

Select a language: Afrikaans Albanian Arabic Armenian Basque Bengali Bulgarian Catalan Cambodian Chinese (Mandarin) Croatian Czech Danish Dutch English Estonian Fiji Finnish French Georgian German Greek Gujarati Hebrew Hindi Hungarian Icelandic Indonesian Irish Italian Japanese Javanese Korean Latin Latvian Lithuanian Macedonian Malay Malayalam Maltese Maori Marathi Mongolian Nepali Norwegian Persian Polish Portuguese Punjabi Quechua Romanian Russian Samoan Serbian Slovak Slovenian Spanish Swahili Swedish Tamil Tatar Telugu Thai Tibetan Tonga Turkish Ukrainian Urdu Uzbek Vietnamese Welsh Xhosa TL;DR: A rogue Android app could read any other App’s file metadata: filename, size, last modification date. If a filename contained sensitive predictable data, the rogue Android app could locally brute-force this, which was the case for Instagram on Android.… <a href="https://www.arneswinnen.net/2016/09/how-my-rogue-android-app-could-monitor-brute-force-your-apps-sensitive-metadata/" class="more-link">Continue Reading <span class="meta-nav">→</span></a> First name:

Last name: