Categories Security

121 posts

Auto Added by WPeMatico

Project Capillary: End-to-end encryption for push messaging, simplified

Posted by Giles Hogben, Privacy Engineer and Milinda Perera, Software Engineer Developers already use HTTPS to communicate with Firebase Cloud Messaging (FCM). The channel between FCM server endpoint and the device is encrypted with SSL over TCP. However, messages are not encrypted end-to-end (E2E) between the developer server and the […]

Insider Attack Resistance

Posted by Shawn Willden, Staff Software Engineer Our smart devices, such as mobile phones and tablets, contain a wealth of personal information that needs to be kept safe. Google is constantly trying to find new and better ways to protect that valuable information on Android devices. From partnering with external […]

DNS over TLS support in Android P Developer Preview

Posted by Erik Kline, Android software engineer, and Ben Schwartz, Jigsaw software engineer The first step of almost every connection on the internet is a DNS query. A client, such as a smartphone, typically uses a DNS server provided by the Wi-Fi or cellular network. The client asks this DNS […]

On the Intersection of Software and Regulation

Software has been the most magical ingredient in economic terms and clearly the biggest “economic revolution” to have taken place in history, yet has also been largely unregulated. A twitter thread from March 21, 2018. What is going on with Facebook and privacy is very challenging for not just FB but […]

Android Security 2017 Year in Review

Originally posted by Dave Kleidermacher, Vice President of Security for Android, Play, ChromeOS, on the Google Security Blog Our team’s goal is simple: secure more than two billion Android devices. It’s our entire focus, and we’re constantly working to improve our protections to keep users safe. Today, we’re releasing our […]

Cryptography Changes in Android P

Posted by Adam Vartanian, Software Engineer We hope you’re enjoying the first developer preview of Android P. We wanted to specifically call out some backward-incompatible changes we plan to make to the cryptographic capabilities in Android P, which you can see in the developer preview. Changes to providers Starting in […]

A Guide To The New Field Of Software Politics

2016 was the year it became impossible to ignore the power software exerts on society. Today, in 2018, we can start to identify the… Continue reading on Fast Company » GurupriyanGurupriyan is a Software Engineer and a technology enthusiast, he’s been working on the field for the last 6 years. […]

How I hacked Tinder accounts using Facebook’s Account Kit and earned $6,250 in bounties

This is being published with the permission of Facebook under the responsible disclosure policy. The vulnerabilities mentioned in this blog post were plugged quickly by the engineering teams of Facebook and Tinder. This post is about an account takeover vulnerability I discovered in Tinder’s application. By exploiting this, an attacker could […]

I figured out a way to hack any of Facebook’s 2 billion accounts, and they paid me a $15,000 bounty…

I figured out a way to hack any of Facebook’s 2 billion accounts, and they paid me a $15,000 bounty for it I am publishing this with the permission of Facebook under the responsible disclosure policy. They have fixed this vulnerability. This post is about a simple vulnerability I discovered on […]