Hacker News new | past | comments | ask | show | jobs | submit login

> on Android and iOS around 40% of banking apps don't even check the certificate at all.

Please name and shame, this sounds pretty surprising!




List of Android SSL MITM vulnerable apps: https://samsclass.info/128/proj/popular-ssl.htm

Highly recommend any material on the main site as well. One of the few legit infosec professors I have ever interacted with.


At least for Android: https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w...

There are several banking-related apps listed here.


Heard that on an old security now episode, https://www.grc.com/sn/sn-443-notes.pdf is the best I have unfortunately, there's mention of it near the bottom there.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: