Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Presentation

How We Discovered Thousands of Vulnerable Android Apps in 1 Day

  • August 2015
  • By Joji Montelibano2393, Will Dormann2547
  • In this presentation, we will describe our methodology in discovering these vulnerabilities, and recommend mitigation strategies for both developers and users.
  • Vulnerability Analysis
  • Publisher: Software Engineering Institute
  • Abstract

    Thousands of Android applications do not implement SSL correctly. Such apps can mislead users into thinking that they are carrying out secure transactions when, in fact, all information is being relayed in clear text! In this presentation, we will describe our methodology in discovering these vulnerabilities, and recommend mitigation strategies for both developers and users.

  • Slides