Edit - Information Security Stack Exchange

You are not logged in. Your edit will be placed in a queue until it is peer reviewed.

We welcome edits that make the post easier to understand and more valuable for readers. Because community members review edits, please try to make the post substantially better than how you found it, for example, by fixing grammar or adding additional resources and hyperlinks.

Required fields*

Rev

2

Detailed answer, thanks. I think one of your points is that that browsers in Windows, as well as the bank's webapp there, are designed to run in a system where other applications have administrative privileges. Thus that browser and webapp may have built in defenses against some threats on such a platform. The Android app, on the other hand, may be, in terms of security, only designed to run on a non-rooted device. Was that one of your points, or did I misunderstand?

Fiksdal
– Fiksdal

2016-04-30 10:46:18 +00:00
Commented Apr 30, 2016 at 10:46
1

@Fiksdal True, that's what I was trying to say, although you may find some exceptions to this, but ultimately mobile devices have some security controls that are not present on desktops and vice versa, and by rooting your device you're potentially bypassing some of these controls, and the mobile application is notifying you about this. (Even though these controls may not be present on desktops at all)

Silverfox
– Silverfox

2016-04-30 10:54:37 +00:00
Commented Apr 30, 2016 at 10:54
1

Can an app with only user-level access on either Windows or Android (or any OS?) really guard itself against another app which has root access? How would that work? Or is there some other side-effect to rooting you are referring to?

Alexander O'Mara
– Alexander O'Mara

2016-04-30 15:12:02 +00:00
Commented Apr 30, 2016 at 15:12
1

@AlexanderO'Mara Applications can't defend themselves apart from techniques like data encryption, but what I meant was that the OS protects the applications with permissions it defines and then when you give root permission to a specific application, it can access anything and bypasses that security control that was put in place.

Silverfox
– Silverfox

2016-04-30 15:18:34 +00:00
Commented Apr 30, 2016 at 15:18
2

The security model for operating systems like Windows or Linux ... does prevent applications from accessing each others' memory. This is actually FALSE! Assuming you're talking about same-user scenarios (say, a music player and an email client running as the same user, rather than under two different users), one process can read (and even write!) memory of another. For example, see Windows' ReadProcessMemory. To prevent this, untrusted apps have to be sandboxed (as non-root mobile apps are).

CBHacking
– CBHacking

2018-02-20 20:28:29 +00:00
Commented Feb 20, 2018 at 20:28

| Show 9 more comments

Correct minor typos or mistakes
Clarify meaning without changing it
Add related resources or links
Always respect the author’s intent
Don’t use edits to reply to the author

create code fences with backticks ` or tildes ~
```
like so
```
add language identifier to highlight code
```python
def function(foo):
print(foo)
```
put returns between paragraphs
for linebreak add 2 spaces at end
_italic_ or **bold**
quote by placing > at start of line
to make links (use https whenever possible)

<https://example.com>

[example](https://example.com)

<a href="https://example.com">example</a>

formatting help »
answering help »