CalyxOSSep 11, 2024
Aurora Store is implementing #CertificatePinning when connecting to Google Play to make you more secure while having the ability to download, install, and automatically update apps anonymously
https://gitlab.com/AuroraOSS/AuroraStore/-/commit/c6989a1038a0e37bec28f02cf1fb7d876d5fb2ff
HttpClient: Enable SSL pinning for google domains (c6989a10) · Commits · Aurora OSS / AuroraStore · GitLab

.pem file obtained from https://pki.goog/roots.pem Signed-off-by: Aayush Gupta

GitLab
The Calyx InstituteSep 11, 2024
Aurora Store is implementing #CertificatePinning when connecting to Google Play to make you more secure while having the ability to download, install, and automatically update apps anonymously
https://gitlab.com/AuroraOSS/AuroraStore/-/commit/c6989a1038a0e37bec28f02cf1fb7d876d5fb2ff
HttpClient: Enable SSL pinning for google domains (c6989a10) · Commits · Aurora OSS / AuroraStore · GitLab

.pem file obtained from https://pki.goog/roots.pem Signed-off-by: Aayush Gupta

GitLab
Nick MerrillSep 11, 2024
Aurora Store is implementing #CertificatePinning when connecting to Google Play to make you more secure while having the ability to download, install, and automatically update apps anonymously
https://gitlab.com/AuroraOSS/AuroraStore/-/commit/c6989a1038a0e37bec28f02cf1fb7d876d5fb2ff
HttpClient: Enable SSL pinning for google domains (c6989a10) · Commits · Aurora OSS / AuroraStore · GitLab

.pem file obtained from https://pki.goog/roots.pem Signed-off-by: Aayush Gupta

GitLab
Esa JokinenJul 23, 2024

Let's Encrypt has made implementing DANE even more difficult. The root CA is no longer included in the chain, and the intermediates may change without notice. To address these issues, I wrote a script that automates TLSA record creation from the published intermediates.

#letsencrypt #dane #tlsa #certificatepinning

https://github.com/oh2fih/Misc-Scripts/blob/main/bin/letsencrypt-tlsa.sh

Misc-Scripts/bin/letsencrypt-tlsa.sh at main · oh2fih/Misc-Scripts

Miscellaneous scripts for different purposes. Mostly unrelated to each other. - oh2fih/Misc-Scripts

GitHub
Kuketz-Blog 🛡May 14, 2024

Android: Der Beitrag stellt die Vorbereitung des Testgeräts sowie Werkzeuge (Frida, Magisk) zur Analyse des Datensendeverhaltens von Apps vor. Reinschauen! ✌️ 👇

https://www.kuketz-blog.de/in-den-datenstrom-eintauchen-ein-werkzeugkasten-fuer-analysten-von-android-apps/

#share #android #frida #objection #tweasel #pirogue #tls #ssl #CertificatePinning #mitmproxy #proxy #intercepting #analyse #datenschutz #sicherheit #privacy #security #dsgvo

In den Datenstrom eintauchen: Ein Werkzeugkasten für Analysten von Android-Apps

Der Beitrag stellt die Vorbereitung des Testgeräts sowie Werkzeuge (Frida, Magisk) zur Analyse des Datensendeverhaltens von Apps vor.

OPSEC Cybersecurity News LiveMar 15, 2023
SSL/x509 certificate/public key expiration

https://security.stackexchange.com/questions/269132/ssl-x509-certificate-public-key-expiration

#publickeyinfrastructure #certificatepinning #certificates #x509 #tls
SSL/x509 certificate/public key expiration

I would like to know the process of how public keys/certificates are renewed for a website. I understand the concept of CA (Certificate Authority) chains, and how the public key/certificate for a s...

Information Security Stack Exchange
Noam RathausDec 19, 2022
Went into the rabbit hole of IL2CPP Unity based application on Android, and learned a lot on Frida, Ghidra, and everything in between - so much information is out there but it’s a mess.
Information is scattered and fragmented, reminds me of the early days of DVD Ripping - people were making money out of it - so information was valuable and not shared.
I still haven’t figured out how to TLS unpin this app, all the methods found in GitHub, Frida and the numerous blogposts don’t work - Unity has introduced some sort of protection that I can’t get around.
Hope to figure it out eventually and share my findings in a blogpost.
If you have experience with #frida #unity #certificatepinning bypassing - and want to look at the challenge let me know :)
heise online (inoffiziell)Apr 20, 2021
heise+ | iOS 14: Apps für die Certificate-Pinning-Funktion konfigurieren

Die Prüfung von TLS-Zertifikaten garantiert keine sichere Kommunikation zwischen Apps und Servern. iOS 14 bietet Certificate Pinning als Extraschutz. iOS 14: Apps für die Certificate-Pinning-Funktion konfigurieren
iOS 14: Apps für die Certificate-Pinning-Funktion konfigurieren

Die Prüfung von TLS-Zertifikaten garantiert keine sichere Kommunikation zwischen Apps und Servern. iOS 14 bietet Certificate Pinning als Extraschutz.

heise online (inoffiziell)Feb 12, 2021
App-Entwickler können die für TLS-Verbindungen erlaubten Schlüssel seit iOS 14 per Konfiguration einschränken.
iOS: Certificate Pinning per Konfiguration
iOS: Certificate Pinning per Konfiguration

App-Entwickler können die für TLS-Verbindungen erlaubten Schlüssel seit iOS 14 per Konfiguration einschränken.

Security