BestHub
Sign in
Tag

Android security

0 views collected around this technical thread.

OPPO Kernel Craftsman
OPPO Kernel Craftsman
Aug 18, 2023 · Information Security

Shadow Call Stack (SCS) in Android: Mechanism, Requirements, and Implementation

Android’s Shadow Call Stack (SCS), silently enabled since Android R on AArch64 devices, stores return addresses in a protected register‑based stack separate from the regular stack, complementing stack canaries and requiring hardware support, while developers can activate it via -fsanitize=shadow-call-stack and avoid using X18 elsewhere.

Aarch64Android securityKernel
0 likes · 7 min read
Shadow Call Stack (SCS) in Android: Mechanism, Requirements, and Implementation
OPPO Kernel Craftsman
OPPO Kernel Craftsman
Oct 21, 2022 · Information Security

DirtyPipe (CVE‑2022‑0847) Vulnerability Analysis and Exploitation on Android/Linux

DirtyPipe (CVE‑2022‑0847) is a high‑severity Linux kernel flaw that lets attackers arbitrarily overwrite any readable file via an uninitialized pipe‑buffer flag, enabling privilege escalation on Android and other systems by patching shared libraries, bypassing SELinux, loading malicious modules, and ultimately gaining root, highlighting urgent need for patches and integrity protections.

Android securityCVE-2022-0847DirtyPipe
0 likes · 17 min read
DirtyPipe (CVE‑2022‑0847) Vulnerability Analysis and Exploitation on Android/Linux
vivo Internet Technology
vivo Internet Technology
Nov 10, 2021 · Mobile Development

Android mReferrer Security Analysis: Source Tracing and Anti-Forgery Solutions

The article reveals that Android’s Activity mReferrer field, derived from Context.getBasePackageName(), can be forged by overriding getBasePackageName(), outlines its data flow from ActivityTaskManagerService to Activity.attach, and recommends using the immutable UID via Binder.getCallingUid() for reliable source verification.

Activity InternalsAndroid securityAnti-Forgery
0 likes · 10 min read
Android mReferrer Security Analysis: Source Tracing and Anti-Forgery Solutions
Hujiang Technology
Hujiang Technology
Dec 13, 2016 · Information Security

Common Pitfalls and Solutions When Building an APK Protection Tool

This article enumerates the typical traps encountered while developing an Android APK protection solution—such as signature verification, JNI library stripping, smali injection limits, magic‑number manipulation, and post‑obfuscation safeguards—and offers practical mitigation strategies for each.

APK protectionAndroid securityJNI
0 likes · 11 min read
Common Pitfalls and Solutions When Building an APK Protection Tool
Alibaba Cloud Infrastructure
Alibaba Cloud Infrastructure
Sep 22, 2016 · Information Security

2016 China Internet Counterfeit App Landscape Report

Based on Alibaba security data from January to August 2016, an analysis of 240 popular Android apps across 16 industry categories found that 83% had counterfeit versions, totaling 8,267 fake apps that infected 67.9 million devices, with social networking apps leading the fraud landscape.

Android securityChinaIndustry Analysis
0 likes · 3 min read
2016 China Internet Counterfeit App Landscape Report