Posted by Giles Hogben, Privacy Engineer and Milinda Perera, Software Engineer Developers already use HTTPS to communicate with Firebase Cloud Messaging (FCM). The channel between FCM server endpoint and the device is encrypted with SSL over TCP. However, messages are not encrypted end-to-end (E2E) between the developer server and the […]
Categories Security
121 posts
Posted by Shawn Willden, Staff Software Engineer Our smart devices, such as mobile phones and tablets, contain a wealth of personal information that needs to be kept safe. Google is constantly trying to find new and better ways to protect that valuable information on Android devices. From partnering with external […]
Posted by Erik Kline, Android software engineer, and Ben Schwartz, Jigsaw software engineer The first step of almost every connection on the internet is a DNS query. A client, such as a smartphone, typically uses a DNS server provided by the Wi-Fi or cellular network. The client asks this DNS […]
For the average person or company, experiencing a data breach, or any kind of electronic security incident, it can be a lot like a car accident. It’s disorienting. It’s confusing. You’re not entirely sure what to do next. In situations like this, it is often comforting to have a standard […]
Software has been the most magical ingredient in economic terms and clearly the biggest “economic revolution” to have taken place in history, yet has also been largely unregulated. A twitter thread from March 21, 2018. What is going on with Facebook and privacy is very challenging for not just FB but […]
Originally posted by Dave Kleidermacher, Vice President of Security for Android, Play, ChromeOS, on the Google Security Blog Our team’s goal is simple: secure more than two billion Android devices. It’s our entire focus, and we’re constantly working to improve our protections to keep users safe. Today, we’re releasing our […]
Posted by Adam Vartanian, Software Engineer We hope you’re enjoying the first developer preview of Android P. We wanted to specifically call out some backward-incompatible changes we plan to make to the cryptographic capabilities in Android P, which you can see in the developer preview. Changes to providers Starting in […]
2016 was the year it became impossible to ignore the power software exerts on society. Today, in 2018, we can start to identify the… Continue reading on Fast Company » GurupriyanGurupriyan is a Software Engineer and a technology enthusiast, he’s been working on the field for the last 6 years. […]
This is being published with the permission of Facebook under the responsible disclosure policy. The vulnerabilities mentioned in this blog post were plugged quickly by the engineering teams of Facebook and Tinder. This post is about an account takeover vulnerability I discovered in Tinder’s application. By exploiting this, an attacker could […]
I figured out a way to hack any of Facebook’s 2 billion accounts, and they paid me a $15,000 bounty for it I am publishing this with the permission of Facebook under the responsible disclosure policy. They have fixed this vulnerability. This post is about a simple vulnerability I discovered on […]