[guardian-dev] forensic analysis of WeChat's use of SQLCipher on Android

Hans-Christoph Steiner hans at guardianproject.info
Tue Jan 13 17:30:19 EST 2015

The big Chinese chat app WeChat uses SQLCipher-for-Android to store its
messages. But unfortunately, they just generate a password with local, public
info.  Here's a good example of how not to implement SQLCipher!



PGP fingerprint: 5E61 C878 0F86 295C E17D  8677 9F0F E587 374B BE81

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20150113/5c735017/attachment.sig>

More information about the Guardian-dev mailing list