• Solar Bear
    link
    fedilink
    English
    -31 year ago

    Wait, what tools, and why would they need you to modify existing certificates? That’s super sketchy.

    • @[email protected]OP
      link
      fedilink
      English
      81 year ago

      This is modifying system CA certs on your own device, with root access. There’s plenty of examples in the article, but most commonly you’d want to add your own CAs so that you can intercept and inspect your own network traffic. There’s a wide world of developer/researcher/reverse engineering tools that do exactly that, there’s a demo here: https://httptoolkit.com/android/

      It could plausibly be malicious, but it requires direct root access on the device, and if somebody has root access there’s already far more malicious options available to them so it’s not a meaningful threat in any sense.