CTOnews.com, December 8 (Xinhua)-- Security experts from cyber security company IIIT Hyderabad recently attended a Black Hat Europe conference and revealed a loophole in Android's autofill feature that could accidentally reveal users' passwords.
Experts named the vulnerability "AutoSpill" and found that it could bypass Android's security auto-filling mechanism and expose sensitive information such as stored passwords.
After the Android app loads the login page in WebView, the password manager cannot pinpoint which box the user needs to enter login information in, thus exposing the native fields in the underlying application.
Researcher Ankit Gangwal explained that an attacker could exploit the vulnerability by legally logging in through a Google or Facebook account in an application and still steal the user's account information.
Pedro Canahuati, 1Password's chief technology officer, told TechCrunch that the company had identified and was working to repair AutoSpill. Canahuati says:
While the fix will further enhance our security posture, 1Password's auto-fill feature is designed to require users to take clear action. This update provides additional protection by preventing native fields from being populated with credentials that apply only to Android's WebView.
Craig Lurey, Keeper's chief technology officer, said in a speech shared with TechCrunch that the company had been notified of potential vulnerabilities but did not say whether any fixes had been made.
The detailed paper address of the vulnerability is attached to CTOnews.com, which can be read deeply by interested users.
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
According to CTOnews.com on September 11, SE's derivative mobile game final Fantasy 7: eternal crisis has been downloaded more than 3 million times, and Blue Crystal × 1000 has been officially given to all players as of 7: 00 a.m. on October 9 Pacific Daylight time.
Beijing, Aug. 20 (Xinhua) for years, Japanese tax regulators have been trying to solve a puzzle that has given them a headache: why did Softbank Corp. Group, the most profitable company in Japan last year, pay so little tax? Softbank Corp. has paid zero taxes for 11 years. In recent years, officials of the Tokyo IRS
According to news on the evening of April 25, Beijing time, EU Internal Market Commissioner Thierry Thierry Breton said today that since August this year, Amazon's third-party market Marketplace and Apple's App Sto
Frame composition, like three-point composition and symmetrical composition, is often used in photography. Frame composition can well highlight the main body, strengthen the contrast, and is suitable for all kinds of themes. So today, let's share with you how to use frame composition reasonably and efficiently in different themes: 1. Scenery frame composition
CTOnews.com Sept. 2, Huawei Mate 50 series and the full scene of the new products will be held in autumn on September 6, Huawei Yu Chengdong said today that the plane will be equipped with "up-to-the-sky" communications technology, according to previous revelations for satellite communications. C