Adding the cc.. ---------- Forwarded message ---------- From: t0hitsugu <[email protected]> Date: Tue, May 17, 2011 at 3:24 PM Subject: Re: [android-security-discuss] ClientLogin vulnerability To: Droid_BT <[email protected]>
I noticed something similar a few weeks ago while using the firefox app, though I hadn't realized it was an android problem vs mozilla specifically. Still, as others pointed out to me, if you have to be on the same network, stealing login credentials is extremely easy to do with common tools such as wireshark, dsniff, etc. On Tue, May 17, 2011 at 8:45 AM, Droid_BT <[email protected]> wrote: > > http://www.bgr.com/2011/05/17/99-of-android-handsets-vulnerable-to-account-credential-theft/ > > Any thoughts on this topic? I need to have a good story for my clients > who are currently authorizing use of Android devices in their device > pool. > > -- > You received this message because you are subscribed to the Google Groups > "Android Security Discussions" group. > To post to this group, send email to > [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/android-security-discuss?hl=en. > > Wireshark Cookie Dump: OKCancel Wireshark Cookie Dump: OKCancel -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
