New Android vulnerability allows attackers to modify apps without affecting their signatures

Past issues Subscribe

Dec 7 Dec 21

Dec 14 2017

New Android vulnerability allows attackers to modify apps without affecting their signatures

Fresh news from Droid zone

Hello, you're reading Infinum Android Sweets, bringing you the latest Android related news straight to your inbox every week.

New Android vulnerability allows attackers to modify apps without affecting their signatures | GuardSquare

A serious vulnerability (CVE-2017-13156) in Android allows attackers to modify the code in applications without affecting their signatures. The root of the problem is that a file can be a valid APK file and a valid DEX file at the same time. We have named it the Janus vulnerability, after the Roman god of duality.

Articles

Understanding Types Of Observables In RxJava – Mindorks

Observable — Operator — Observer

Listeners with several functions in Kotlin. How to make them shine?

One question I get often is how to simplify the interaction with listeners that have several functions on Kotlin. For listeners (or any interfaces) with a single function is simple: it automatically lets you replace it by a lambda. But that’s not the case for listeners with several functions.

6 magic sugars that can make your Kotlin codebase happier — Part 2

Try new things. I think a lot of what people call intelligence boils down to curiosity. — Aaron Swartz

Parsing Data Binding Errors

An Android Love Affair

Android Notification & Data Messages From App Server Using Firebase Cloud Messaging

Android notification & data messages from app server using Firebase cloud messaging example, fcm message types, fcm topic, android firebase messaging service, cloud messaging android client, handling messages background and froreground app, recycler view, json data and firebase job scheduler examples.

Libraries

GitHub - dvdciri/daggraph: Dagger dependency graph generator for Android Developers

daggraph - Dagger dependency graph generator for Android Developers

GitHub - uber/artist: An artist creates views. Artist is a Gradle plugin that codegens a base set of Android Views.

An artist creates views. Artist is a Gradle plugin that codegens a base set of Android Views.

Videos/Podcasts

106: The Reactive Workflow Pattern with Ray Ryan – Fragmented

Class of the week

Presentation | Android Developers

A presentation is a special kind of dialog whose purpose is to present content on a secondary display. A Presentation is associated with the target Display at creation time and configures its context and resource configuration according to the display's metrics.

Curated by Infinum's Android team.

Infinum Android Team · 156 2nd St · San Francisco CA 94105 · USA

Unsubscribe | View in browser

Previous Issues

Jan 22
Make your own device lab!
Jan 15
How much debuggable option slows down your app?
Jan 8
Do you know how to keep secrets?
Dec 18
Is your app MAD enough?
Dec 11
Is your design system prepared for Compose?
Dec 4
Stop Holding Dagger by the Blade
Nov 27
Ever heard about InputConnection?
Nov 20
Find out about the new requirements for Google Play in 2021
Nov 13
Explore State Based UI
Nov 6
Learn how to modularise your libraries

New Android vulnerability allows attackers to modify apps without affecting their signatures

Make your own device lab!

How much debuggable option slows down your app?

Do you know how to keep secrets?

Is your app MAD enough?

Is your design system prepared for Compose?

Stop Holding Dagger by the Blade

Ever heard about InputConnection?

Find out about the new requirements for Google Play in 2021

Explore State Based UI

Learn how to modularise your libraries