How does the device recognize that the pushed data is from GCM server only? Are there any auth tokens that GCM server sends along with data? Can an attacker spoof GCM push data and send it to android client??
-- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/android-security-discuss?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
