Latest news
Android runs applications in .dex format. Dex2Jar is the only tool available to convert Android APK's back into Java .jar files. This allows someone to decompile the .jar file using JD-GUI or JAD into readable source code. Once done, all proprietary source code and other sensitive information stored on backend databases are vulnerable.
RIIS knew if they could figure out a way to stop Dex2Jar from functioning, they could protect Android apps from being decompiled at all, thus protecting the apps from attackers. RIIS started investigating to see if Dex2Jar had any limitations they could expose. HoseDex2Jar was born.
"Developers can take steps such as using tools like ProGuard to obfuscate their code, but up until now, it has been impossible to prevent someone from decompiling an app," said Nolan.
"We realized if there was a way to stop Dex2Jar, we would stop all Android Decompilation. HoseDex2Jar does just that. It stops Dex2Jar by inserting harmless code in an Android APK that confuses and disables Dex2Jar and protects the code from decompilation. We're now able to go a step beyond obfuscation and prevent hackers from decompiling an APK into readable java code. This is huge for companies with Android apps available on Google Play."
Spotlight
Ransomware adds password stealing to its arsenal
Posted on 17 May 2013. | Microsoft researchers are warning about a new variant of the well-known Reveton ransomware doing rounds.
Application vulnerabilities still a top security concern
Posted on 16 May 2013. | Respondents to a new (ISC)2 study identified application vulnerabilities as their top security concern. A significant gap persists between software developers’ priorities and security professionals’ concerns.
IT security jobs: What's in demand and how to meet it
Posted on 15 May 2013. | Let's say you want a career in information security, where do you start? What credentials do you need? What are employers looking for? Read on to find some answers.
Hacking charge stations for electric cars
Posted on 15 May 2013. | Ofer Shezaf talks about what charge stations really are, why they have to be ‘smart’ and the potential risks created to the grid, to the car and most importantly to its owner’s privacy and safety.
Is Microsoft is reading your Skype communications?
Posted on 15 May 2013. | The question of whether Skype allows U.S. intelligence and law enforcement agencies to access the communications exchanged by its users has still not been adequately answered by Microsoft.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
