Google’s “Web Integrity” Android API could kill “alternative” media clients - eviltoast
  • 0xD@infosec.pub
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    6
    ·
    1 year ago

    That is just standard and a completely sensible security measure for preventing people from tampering with an application. It cannot replace proper, server-side security measures but is a big step. Especially for stuff like banking applications.

    • BaldDude@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      9
      ·
      edit-2
      1 year ago

      I never really understood that:

      If I’m using my browser to do banking via the website, Having root privileges and tampering with the Browser running the applications is not an issue.

      If i use the banking app, Having root privileges suddenly become a problem.

      –> To me, it doesn’t look like the problem is technical, but that users are accepting things on mobile that they wouldn’t accept on a PC.