ABSTRACT
Initially, mobile browsers had to access information through traditional websites. Mobile browsers are fully functional browsers with functionality that rivals desktop versions. The Android browser in Android cannot properly restrict modifications to cookies established in Intercepting traffic for browser (HTTP) sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response. The Phone as a Spying/Tracking Device Imagine exploiting vulnerabilities on an Android device or application and gaining full access to a phone. Rooted Android phones are most vulnerable to these kinds of attacks. Controlling Corporate Networks and Other Devices through Mobile Devices Exploiting vulnerabilities on mobile applications or the Android platform itself can lead to other security concerns. Good book for Android security enthusiasts and developers that also covers advanced topics like reverse engineering of Android applications. The chapter also presents some closing thoughts on the key concepts discussed in the preceding chapters of this book.
