Security in Android apps


 
Thread Tools Search this Thread
Operating Systems Linux Android Security in Android apps
# 1  
Old 07-13-2015
Security in Android apps

Hi,
I am Conrad

I was wondering, if anybody would be able to hack accounts on Android apps.
I mean for example we are logged on ebay or Facebook app, and we simply quit to home screen, without logging out, and also disconnect from network and again turn on network.
-To the point, Is it technically possible if anybody would hack our session, when we logged?
Of course we're using WiFi in home with WPA2, not public hotspot.

- How does situation look like with bank apps? Is it any risk when I immediately leave the app without logging out,
-But in web browser on android, on Facebook, is it possible to take over session?

-I 've found VPN app "Zenmate" on Google Play is that proper VPN? , is it worth to use it? or that is a piece of junk?
Login or Register to Ask a Question

Previous Thread | Next Thread

6 More Discussions You Might Find Interesting

1. Android

Android (operating system)

From Wikipedia (FYI): (0 Replies)
Discussion started by: Neo
0 Replies

2. Solaris

Openindiana + Android permissions

Hi, I use Openindiana with napp-it. I am able to access and modify the zfs folders from windows but not from android. I ve used several apps like ES File Exporer and AnsSMB with no success. I can see the server but when I try to login it complains about wrong credentials. Any help will be very... (5 Replies)
Discussion started by: iliakos
5 Replies

3. Android

Any Android Developers in the Forums?

I'm about to make the switch over to Android OS for my mobile phone. I'm thinking my first Android phone might be something like a Samsung Galaxy S or an HTC Desire HD, or I might wait for one of the new Android tablets coming out later this year (like the Samsung 7" tablet on Android). Was... (10 Replies)
Discussion started by: Neo
10 Replies

4. Android

Android Scripting Environment: Shell Scripting and Android

I just upgraded to Android 2.2 from 2.1. The GPS issue that was troublesome in 2.1 seems to have been fixed. Some of web browsing seems faster, but it could just be my connection is better today ;) Flash works in some browsers but not very good and it is too slow for Flash apps designed for... (0 Replies)
Discussion started by: Neo
0 Replies

5. Android

Android is Linux (and Java)

In case you did not know, Android 2.1, Éclair, runs on the 2.6.29 Linux kernel. However, the user space it is built atop Dalvik, a Google-designed custom JVM (Java virtual machine). This is pretty interesting, when you think about it. The core of Android is the linux kernel, and the standard... (5 Replies)
Discussion started by: Neo
5 Replies

6. Android

Example Linux Commands on Android

In case you are interested, here is a partial list of linux-like commands on Android OS: /sbin adbd devmgr recovery dfta init dfta.sh fat.format redbend_ua /system/bin (partial list) sh date netstat mount umount (0 Replies)
Discussion started by: Neo
0 Replies
Login or Register to Ask a Question
WWW::Facebook::API::Auth(3pm)				User Contributed Perl Documentation			     WWW::Facebook::API::Auth(3pm)

NAME
WWW::Facebook::API::Auth - Facebook Authentication SYNOPSIS
use WWW::Facebook::API; DESCRIPTION
Methods for accessing auth with WWW::Facebook::API SUBROUTINES
/METHODS base Returns the WWW::Facebook::API base object. new Constructor. create_token() auth.createToken of the Facebook API. Will always return the token string, regardles of the "parse" setting in WWW::Facebook::API: $token = $client->auth->create_token; get_session( $token ) auth.getSession of the Facebook API. If you have the desktop attribute set to true and $token isn't passed in, the return value from "$client->auth->create_token" will be used. If the desktop attribute is set to false the $token must be the auth_token returned from Facebook to your web app for that user: if ( $q->param('auth_token') ) { $client->auth->get_session( $q->param('auth_token') ); } "get_session" automatically sets "session_uid", "session_key", and "session_expires" for $client. It returns nothing. login( sleep => $sleep , browser => $browser_cmd ) Only for desktop apps. It first calls "create_token" to get a valid token. It then opens the user's default browser and have them sign in to the Facebook application. If "browser" is passed in, the module will use that string as the command to execute, e.g.: system qq($browser_cmd "$login_url"); After the browser is called, it will pause for $sleep seconds (or 15 seconds if $sleep is not defined), to give the user time to log in. The method returns the session token created by "create_token". expire_session( %params) Implementation of the auth.expireSession function. $result = $client->auth->expire_session(); promote_session( %params) Implementation of the auth.promoteSession function. $result = $client->auth->promote_session(); revoke_authorization( %params) Implementation of the auth.revokeAuthorization function. $result = $client->auth->revoke_authorization(); revoke_extended_permission( %params) Implementation of the auth.revokeExtendedPermission function. $result = $client->auth->revoke_extended_permission( perm => 'email', uid => $uid ); logout() Sends a POST to http://www.facebook.com/logout.php, with the parameter "confirm" set to 1 (Cf. http://developers.facebook.com/documentation.php?v=1.0&doc=auth ) PRIVATE METHODS
_use_http_uri() Makes the WFA object's server URI scheme http. Uses "_flip_scheme". _use_https_uri() Makes the WFA object's server URI scheme https. Uses "_flip_scheme". _flip_scheme( $make_https ) If $make_https is true, the scheme becomes https. If false, the scheme becomes http. The WFA object's "server_uri" attribute is then set to use that scheme. DIAGNOSTICS
Token needed for call to get_session You are running a desktop app and you did not pass a token into get_session. You can create a token by calling create_token() or (better) login(). You are running a web app and the user hasn't logged in to Facebook for your web app. When the user does so, an auth_token will be returned (as a parameter) to your callback url. Use that auth_token for the session. Don't know how to open browser for the system %s The module doesn't know the command to use to open a browser on the given system. If you passed in "browser" to login(), it can use that string as the command to execute to open the login url. Cannot use login method with web app The login() method is not able to be used to sign in when using a web app. See the Facebook TOS A.9.iv. CONFIGURATION AND ENVIRONMENT
WWW::Facebook::API::Auth requires no configuration files or environment variables. DEPENDENCIES
See WWW::Facebook::API INCOMPATIBILITIES
None. BUGS AND LIMITATIONS
No bugs have been reported. Please report any bugs or feature requests to "bug-www-facebook-api@rt.cpan.org", or through the web interface at <http://rt.cpan.org>. AUTHOR
David Romano "<unobe@cpan.org>" LICENSE AND COPYRIGHT
Copyright (c) 2007-2010, David Romano "<unobe@cpan.org>". All rights reserved. This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself. See perlartistic. DISCLAIMER OF WARRANTY
BECAUSE THIS SOFTWARE IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE SOFTWARE, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE SOFTWARE "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE SOFTWARE IS WITH YOU. SHOULD THE SOFTWARE PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR, OR CORRECTION. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE SOFTWARE AS PERMITTED BY THE ABOVE LICENSE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE SOFTWARE (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE SOFTWARE TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. perl v5.10.1 2010-03-13 WWW::Facebook::API::Auth(3pm)