Peter Gutmann schrieb:
Jürgen Brauckmann <[email protected]> writes:
http://www.howtogeek.com/198811/ask-htg-whats-the-deal-with-androids-persistent-network-may-be-monitored-warning/
Ugh, yuck! So on the one hand we have numerous research papers showing that
Android apps that blindly trust any old cert they find are a major problem,
and then we have Google sabotaging any attempt to build a proper trust chain
for Android apps.
Does anyone know if this was a momentary aberration in 4.4 or is this
behaviour is still present in newer versions of Android, 5.x and 6.x?
That behaviour "works as intended":
https://code.google.com/p/android/issues/detail?id=82036#c31
Regards,
Jürgen
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
