Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Presentation

How We Discovered Thousands of Vulnerable Android Apps in 1 Day

  • Abstract

    Thousands of Android applications do not implement SSL correctly. Such apps can mislead users into thinking that they are carrying out secure transactions when, in fact, all information is being relayed in clear text! In this presentation, we will describe our methodology in discovering these vulnerabilities, and recommend mitigation strategies for both developers and users.

  • Slides