[guardian-dev] Google Play In-App Billing Library Hacked
Dominik Schürmann
dominik at dominikschuermann.de
Tue Oct 29 15:26:06 EDT 2013
Hey,
just for your amusement, if you haven't read it already.
I discovered two stupid bugs in Google In-App billing library:
http://sufficientlysecure.org/index.php/2013/10/29/google-play-billing-hacked/
Take home message: Protect your exported services and don't be stupid
when implementing signature verification ;)
Regards
Dominik
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 551 bytes
Desc: OpenPGP digital signature
URL: <http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20131029/6bd21825/attachment.pgp>
More information about the Guardian-dev
mailing list