Видео

Thanks!

Thank you for your question! When talking about MiTM attacks, most people will understand it as a network attack where the attacker intercepts traffic from a victim (there are different ways to do so) and eavesdrops on the communication. The goal for the attacker is to listen in on data such as logins, or even edit data such as payments that are made. There's already a lot of techniques to prevent this e.g. browsers have built-in security features warning the users about this and SSL Pinning (without hardening from DG/iXG) will be enough. However, when we're talking about reverse engineering the idea is that the attacker performs a MiTM attack on their own device to listen in how the app communicates with its servers. The goal is to get a better understanding on how the server and app work together. This information can be used to plan a larger attack e.g. customized (modded) apps that make use of the service with additional features which are not desired by the app's developers, cheat in games, bypass license checks, etc.

Thanks for your interest-We do not plan to distribute the sample app as it wouldn't be responsible to publicly distribute code samples which demonstrate malware techniques. If you need guidance in implementing the right malware defence techniques for your use case, our team is here to help. You can also find more information regarding malware in our Mobile Application Security Research Center: www.guardsquare.com/mobile-app-security-research-center/malware/overview

In theory yes. But we keep a close eye on false positives, and remove them as far as possible. In this case, detecting that SHA-1/MD5 is used somewhere is fairly easy, so I would be surprised if this is a false positive.

Hi. Solving issues in a library is a difficult topic. Depending on the severity there might be a newer version of the library that you can just use that solves it. For SHA-1/MD-5 in Firebase, I am not so sure this is changed with a newer release. Then the big question becomes what these hashing algorithms are used for. There are some use-cases imagineable where it can be tolerated, but if this is e.g., used in sensitive parts (e.g., touching PII), this might be a real problem. Figuring this out is difficult, as you would need to analyze all usages of these insecure algorithms by hand, and then judge if it is ok or not. What might be possible to file that question to the Firebase team directly. Sorry for the late reply, we missed this question. If you want to get in contact with an AppSweep engineer, and get help with scan results for example, the easiest is to use the chat on the bottom right. There we can help much more interactively.

1. Here's a blog written from the creator of ProGuard (and co-founder of Guardsquare) about this very topic back in 2019: www.guardsquare.com/blog/comparison-proguard-vs-r8-october-2019-edition 2. Here's another blog we published just last month discussing how relying on ProGuard or R8 to protect your Android apps is not a comprehensive security approach: www.guardsquare.com/blog/android-security-and-obfuscation-realities-of-r8 3. And if you want to learn more from the engineers at Guardsquare who work on ProGuard, check out our community where you can reach out directly to discuss ProGuard/R8 or many other mobile app security topics: community.guardsquare.com/

@@Guardsquare Thanks

Check Jack Wharton (square) talk

Here's a link to schedule a one-on-one demo if you're interested in learning more about how we secure mobile apps throughtout the development lifecycle: www.guardsquare.com/live-demo-request

If you’re looking to learn more about code virtualization and more broadly about multi-layered code obfuscation, here are two other resources that dive a bit deeper: 1. www.guardsquare.com/blog/dexguard-introduces-code-virtualization-android 2. www.guardsquare.com/blog/fortress-your-app-with-multi-layered-code-obfuscation

@@Guardsquare thank you!

​@@GuardsquareLina ❤seliku Mama Memutarkan

Could you expand on how you think ChatGPT could make obfuscation obsolete? Would you use it to add obfuscation to your code? Or use it to circumvent obfuscated code?

​@@Guardsquare If the obfuscation is towards creating a cognitive barrier to overcome, so that if they reverse engineered it they would find a convoluted and hard to understand pile of code, one could provide the obfuscated code and ask it to refactor it, or to describe what is happening in detail. That things were spaghettified or some mathy calculations happened would be resolved quite quickly, since a person wouldn't need to sit down and detangle and map out what's going on.

Thank you for responding. Good reason to use multi-layered, polymorphic solutions that make obfuscation even more complex, and even more needed. A good resource is: www.guardsquare.com/blog/compiler-based-mobile-app-security-vs-app-shielding

@@Guardsquare Good luck.I don't know how far one would be able to get now with a decompiler / stack tracing / AI approach, but I'd surmise the clock is ticking (as it always is, regarding any methods of security)

That's a valid question from a developer's perspective and we have already taken steps to address it, as we believe that security measures do not have to compromise app performance. To learn more, we suggest checking out a recent blog post we wrote on the topic: www.guardsquare.com/blog/balancing-performance-and-security-with-android-baseline-profiles-and-dexguard

A tip : you can watch series at Kaldrostream. I've been using them for watching lots of of movies these days.

@Eden Ronald definitely, have been watching on Kaldrostream for since november myself :)

1r

Gjmo de vdd vc v.