Security

Secure messaging apps are one of the most-used app categories on current mobile devices, and a significant subset of human …

Quick steps to install apps from non-Google-Play sources in Android Private Space (introduced with Android 15)

Use a password manager. But which one?

Android is the most widely deployed end-user focused operating system. With its growing set of use cases encompassing communication, …

Android has different types of lock states. This post summarizes what they are, what their purpose is, and how the interact.

Die aktuelle Situation fordert Unternehmen nicht nur in der Organisation Ihres Kerngeschäfts, sondern auch bei der Sicherheit der …

Responsible/coordinated/timed disclosure is continuously a topic of heated debate, even more so when PoC (proof of concept) exploit code is included in the release. This post gives arguments in favor of full PoC disclosure from a defender’s point of view.

Android security trade-offs: Rooting “Rooting” has been part of the Android ecosystem pretty much since its creation. Within the context of this blog post, I define rooting as a method to disable standard sandboxing mechanisms for particular processes, which is a superset of Nick Kralevich’s earlier definition because many posts mix up the intentional, user-driven root access with exploitation of vulnerabilities.

Android security trade-offs The Android ecosystem is highly diverse, complex, and has many different stakeholders typically not visible in the limelight. Consequently, making decisions about features in the platform itself — what we call AOSP (Android Open Source Project) — is hard, and often in surprising ways.