Centered on user data security and privacy, we conduct research and open our tech capabilities to developers, building an information‑security fortress for partners and users and safeguarding OPPO device security.
This article traces the evolution of Bluetooth Low Energy (BLE), explains why it dominates modern IoT, and examines three major security threat vectors—protocol flaws, supply‑chain vulnerabilities, and product design weaknesses—while offering concrete mitigation strategies and reference resources.
Simply deleting files or resetting a phone does not truly remove data; this guide explains why old devices can leak personal photos, messages, payment info, and social accounts, and provides a detailed, multi‑step process to securely wipe and destroy all residual data on Android phones.
This article explains the difference between exported and non‑exported Android components, demonstrates how malicious apps can embed an Intent inside another exported component to reach private components, and provides practical detection and mitigation techniques to protect against Intent redirection vulnerabilities.
This guide outlines practical mobile security measures—including strong passwords, trusted apps, cautious network use, permission management, and timely updates—to protect personal information stored on smartphones from privacy breaches and attacks.
The article explains the DICE (Device Identity Composition Engine) standard introduced by the Trusted Computing Group, detailing its terminology, chain‑derived CDI mechanism, key generation, certificate issuance, and how it enables device identification, secure boot, rapid startup, data protection, and OTA firmware updates for IoT and mobile devices.
This article reviews OPPO's sixth Technical Open Day session on application and data security, detailing the current state, case studies, detection methods, and SDL integration for third‑party SDKs, and offers practical recommendations to mitigate privacy leaks, code execution, and other high‑risk vulnerabilities.
Incremental installation streams core APK files to launch apps quickly, while Android 11’s V4 signature uses Merkle trees for secure, efficient verification, enabling partial package delivery and background updates, a technique detailed with architecture, ADB workflow, and code structures for developers.
This article introduces Secure Multi‑Party Computation and its two‑party variant, explains Yao’s garbled circuit technique, details a complete garbled‑circuit protocol, and walks through a concrete millionaire‑problem example to illustrate privacy‑preserving computation.
This article introduces essential cryptography fundamentals for programmers, covering public‑key encryption, key‑exchange protocols, digital envelopes, signatures, certificates, hash functions, MACs, and authenticated encryption with associated data, while highlighting practical security considerations.
This article introduces the fundamentals of cryptography, explaining what passwords are, the difference between encryption and decryption, classifications of cryptographic algorithms such as symmetric, asymmetric, hash functions, and message authentication, and illustrates concepts with examples like RC4 and block cipher modes.
