Comment Re:the hard way (Score 1) 87
Clue tip. just because someone has or is working towards a Phd, is head of a company, and so on, don't assume they are clever or smart. judge by the content. in the real world, simpler is better. i assume that applies to the world of digital attacks as well.
the article discusses a very convoluted and complicated way to perform a phishing attack. the point is you don't need to know anything more than the foreground process. e.g., run the "bank of whatever" app. when the login screen comes up, run your app and see that the activity is "com.bank.LoginActivity". now your phishing app watches for that, and inserts it's fake login screen on top of that. simple and effective. doesn't rely on spurious metrics from the device that are going to vary based on the device, other processes, and so on.
the article takes something simple and makes it needlessly complex. i guess that's fine for thesis. the point of which isn't necessarily practicality but doing something in a novel way.