Reversing the Xiaomi Redmi Watch Through Crafted Watchfaces

How much security can you expect from a $50 smartwatch? We decided to find out. This is a full technical writeup of our research…

Android – Trusted Execution Environment

Posts

Reversing the Xiaomi Redmi Watch Through Crafted Watchfaces

How much security can you expect from a $50 smartwatch? We decided to find out. This is a full technical writeup of our research into the Xiaomi Redmi Watch 5 Active, a SiFli SF32LB551-based wearable that Xiaomi markets as running HyperOS, but under the hood it’s actually RT-Thread (a popular open-source RTOS for embedded systems).…
Runtime Application Self-Protection (RASP)

Mobile applications have become prime targets in today’s digital ecosystem. Since mobile devices store and process valuable assets such as personal data, session tokens, and financial transaction details, they represent an especially attractive target for threat actors. However, traditional security measures provide only limited protection against the dynamics of modern threats. Today, attack vectors often…
Security Approaches in Mobile Banking Super Apps

Security Approaches in Mobile Banking Super Apps As smartphones become an integral part of daily life, users now expect to meet most of their needs quickly and seamlessly from a single point of access. This expectation has brought a rapidly rising concept to the forefront of digital ecosystems in recent years: the Super App. A…
Android – Trusted Execution Environment

TEE (Trusted Execution Environment) is a general security technology used across different architectures and platforms. In this article, however, we will focus specifically on TEE solutions in Android devices. On Android devices, TEE is a hardware-backed isolated execution environment provided by the processor. The operating system and applications we use in daily life run in…
Reversing Google’s New VM-Based Integrity Protection: PairIP

Google replaced its long-standing integrity protection with the Safetynet infrastructure in 2024, with a new structure called PairIP. When you enter the Safetynet documentation page, you will see the warning “Warning: The SafetyNet Attestation API is deprecated and has been replaced by the Play Integrity API. Learn more.” So what is this PairIP? What are…
a bit of mobile: Android Shared Library Injection

Bir processin içine özel bir dinamik kütüphaneyi yükleyerek o processin davranışını değiştirmek veya manipüle etmek için kullanılan güçlü bir tekniktir. Bu işlemin en yaygın yollarından biri ptrace sistem çağrısını kullanmaktır.
a bit of obfuscation: MBA expressions, opaque predicates, affine functions

MBA Expressions, which stands for Mixed Boolean Arithmetic, is one of the most common principles used by many obfuscators. MBA Expressions are used to confuse the data flow of the program using boolean operators, (e.g., ∧,∨,¬,⊕) and integer arithmetic operators, (e.g + (ADD) , * (IMUL) , – (DEC) ) operators.