Skip to main content

Posts

Featured

SSL pinning in Android - A brief discussion

HTTP protocol Communication between the client and a server typically non-encrypted or plain text while we use HTTP protocol.  Pitfall Any middle hacker can interrupt the connection between the client and server and manipulate the data as it involves no encryption. How to overcome this ? As the domain owner one can purchase a digital certificate from CA(Certificate Authority) who are considered as trusted.  A certificate will contain the Owner's name, public key , Issuer's(CA's) name,Issuer's(CA's) signature, domain details, expiry date etc . After the SSL/Leaf certificate is associated with a domain,the communication between client and server will be encrypted. Now the HTTP will become HTTPs. Note : Associating the SSL certificate means it enable the encryption between client and server but does not mean ,the domain owner will never misuse your personal information. How does SSL work ? Pitfall There is a problem here. Let's assume that there is a hacker comes i

Latest Posts

Dependency Injection using Hilt

Manual Dependency Injection- Realtime Explanation

Dependency Injection - Overview

Android - Activity Life cycle

The Reality of Developer’s Life very funny... :)

Android -Expandable ListView