back to article Dozens of vulnerabilities fixed in Xiaomi, Google Android flavors … slowly

Oversecured, a business that scans mobile apps for security issues, says it has identified more than two dozen vulnerabilities over the past few years affecting Android apps from smartphone maker Xiaomi and Google's Android Open Source Project (AOSP). Twenty of the vulnerabilities, we're told, were reported a year ago to …

  1. Anonymous Coward
    Anonymous Coward

    Seems about right for Xiaomi

    I've owned Xiaomi kit and found the hardware is great but the software always seems to let it down.

  2. Anonymous Coward
    Anonymous Coward

    Pinduoduo

    There is a full report about Pinduoduo's nefarious activities from Chinese researchers (also in English) on GitHub along with samples of the DEX files and a bin file which hid all its activities which isn't too hard to find with a DDG web search.

    The GitHub account also contains helpful scripts to be used with Pythons "pwntools" PyPi library to decrypt the strings in the DEX files so you can see how they exploited intents in Android on several different Android phone manufacturers.

    Happy Hunting!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like