一分钟读论文:《细孔沉千帆:小程序权限漏洞研究》 #21
giscus[bot]
bot
Replies: 1 comment
-
|
银联、字节、微信、QQ、支付宝、百度、小米、华为纷纷中招,小程序很不安全 |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
一分钟读论文:《细孔沉千帆:小程序权限漏洞研究》
中国的微信、TikTok、支付宝的小程序的月活用户总数接近全球最受欢迎的社交网络 Facebook 28.9 亿 MAU。北京电子科技学院的论文《A SMALL LEAK WILL SINK MANY SHIPS: VULNERABILITIES RELATED TO MINI PROGRAMS PERMISSIONS》 对小程序权限进行研究。对9个流行的移动应用生态系统超过 700 万个小程序进行了系统研究,测试了超过 2,580 个 API,发现6类潜在安全漏洞,银联、字节、微信、QQ、支付宝、百度、小米、华为纷纷中招,并总结了小程序保护用户隐私的系统性建议。
https://unbug.github.io/A-SMALL-LEAK-WILL-SINK-MANY-SHIPS-VULNERABILITIES-RELATED-TO-MINI-PROGRAMS-PERMISSIONS/
Beta Was this translation helpful? Give feedback.
All reactions