liato / android-bankdroid

A Swedish banking application for your Android device.
http://www.swedroid.se/forum/showthread.php?t=11108

Ensure on-disk passwords are unencrypted #661

Closed walles closed 7 years ago

walles commented 7 years ago

This is a step towards removing password encryption altogether.

The background is that password encryption is broken on Android Nougat anyway, and that it didn't provide any extra security before that either.

Since Bankdroid needs to send plain text passwords to the banks, it must be possible to retrieve the plain text passwords automatically. And if the passwords are encrypted on disk, Bankdroid needs to have the key. And if Bankdroid stores both the key and the encrypted password on the phone, a determined attacker could get both anyway, and the encryption is useless.

The only thing the encryption has protected against is a user rooting their own device and retrieving their own plain text passwords. This would enable the attacker to read their own account balance from the bank.

Which they likely already could even before this change...

This change also disables an Android Lint check whose outcome changes over time; these checks are impossible to maintain. And we fixed some warnings.

walles commented 7 years ago

You may want to review this ignoring whitespace changes: https://github.com/blog/967-github-secrets

goober commented 7 years ago

Thank you. I think it looks good, sorry I have no improvement feedback for you this time :) Great job!