Clue tip. just because someone has or is working towards a Phd, is head of a company, and so on, don't assume they are clever or smart. judge by the content. in the real world, simpler is better. i assume that applies to the world of digital attacks as well.

the article discusses a very convoluted and complicated way to perform a phishing attack. the point is you don't need to know anything more than the foreground process. e.g., run the "bank of whatever" app. when the login screen comes up, run your app and see that the activity is "com.bank.LoginActivity". now your phishing app watches for that, and inserts it's fake login screen on top of that. simple and effective. doesn't rely on spurious metrics from the device that are going to vary based on the device, other processes, and so on.

  the article takes something simple and makes it needlessly complex. i guess that's fine for thesis. the point of which isn't necessarily practicality but doing something in a novel way.

thanks for pointing out another correlation.

TFA article isn't much more than an academic exercise. practically what they are doing makes little sense. if you want to know the foreground process, you don't have to look at shared memory and fingerprints. do this,

that's it. start a service that queries this every 500ms or whatever. or, use this in conjunction w/ the shared memory "UI state change" trigger TFA article discusses. you now know the foreground app, activity, it's name, it's unique identifier, it's icon, everything.

this requires the android.permission.GET_TASKS but someone that's going to fall for a phishing attack isn't going to be aware enough to note that permission either.

basically, a well-timed phishing attack.

1. in android, you can detect when the UI state changes (a new activity, or screen is brought to the foreground) by looking into a shared memory channel. this tells you nothing else other than that the UI state has changed.

2. you can build a "fingerprint" of a particular UI state change based on CPU utilization, network activity, process list, or possibly other things when the state change occurs. you can use this, plus #1 to know when *specific* UI state changes are occurring.

3. if you have managed to get a malicious app installed, and you know when a specific UI state change is occurring, the malicious app can impersonate the real UI state change, fooling the user into entering sensitive information.

41% is still a minority. are we done w/ iphone v. android for the day?

sigh. if it was really that easy, don't you think it would have happened by now?

no one is getting locked up because they were sent a spam email with child porn. it hasn't happen and it won't happen. google's not that stupid and even the FBI isn't that stupid.

here's what websites / apps, whatever will do: WHATEVER MAKES THEM THE MOST MONEY. they've learned that almost no one will pay then $X a month to access, but almost everyone is happy with having a few ads in the sidebar and accessing for "free".

like it or not, that's what consumers want.

wanting to get paid for a service you provide is not evil. i assume you provide a service for your day job that you already admitted you get paid for? so you are you evil? no, it's just that you decided the work you do is worth getting paid for. well, great, bully for you then huh?

please.

yep, and you have to remember your logins for all those stores, go through a lengthy registration process re-entering your CC info, addresses, and so on.

that's not how it works. it didn't wear off, your spouse's vision has just continued to naturally degenerate to the point that it was when she had the surgery. if she didn't have the surgery it would have been much worse now.

so your whole argument is that it was okay for apple to commit a crime to thwart amazon from becoming more successful? if amazon ended up breaking laws, so be it, and let them stand accountable at that point.

apple isn't some angel coming down from on high to protect the poor little ebook authors. they were simply trying to thwart a competitor from becoming dominant in the field. they wanted a (larger) piece of the pie, and they broke the law trying to get it.

i don't think you understand what irony means.

big companies never fire employees unless it's something really, really terrible.

i talked to a manager about this once. to fire someone, he needed to go through 3 cycles of evaluating, documenting their deficiencies, and laying out a plan for improvement with the employee. he said it just wasn't worth his time. thinking back on this, that seems like a cop-out. they should have subtracted that employee's wages from his, because that's what he was losing the company by letting them stay on.

because that's absolutely terrible for morale. employees don't like coming in to work every day wondering if they are going to be asked to clear out their desk. it's much better to have a week of chaos and bad feelings then get back to business.

no, it means they don't need two accounting depts, two HR depts, two public relations depts, and so on. it also means they don't need to continue (or at least start phasing out) development of non-MSFT mobile operating systems.

they sure as hell do. employees are a massive liability not only in wages but in healthcare, vacation balances, matching 401k, and other benefits.

in big companies, there is always some percent of people that are just hanging on taking up space. clearing them out is actually good for everyone. nothing is more demoralizing than watching someone collect a paycheck for doing nothing while you work your ass off. for the laid off employee it usually ends up being a pretty good deal too considering severance.

considering it's a multi-hundred-billion dollar industry, "billions" does qualify as modest.