Comment on Hackers can steal 2FA codes and private messages from Android phones
Midnitte@beehaw.org 1 day agoAuthenticator app just needs to implement FLAG_SECURE, no?
Seems more like an app dev issue
Comment on Hackers can steal 2FA codes and private messages from Android phones
Midnitte@beehaw.org 1 day agoAuthenticator app just needs to implement FLAG_SECURE, no?
Seems more like an app dev issue
jherazob@beehaw.org 19 hours ago
Looks like this works regardless of that
Midnitte@beehaw.org 18 hours ago
Looks like you might be right - though I imagine disabling the ability to draw over apps with that security flag in place would do a lot to mitigate… but… im also not a security researcher