Undercover 1.5

Not that I’m really interested in Orbicule’s Undercover…
In fact I neither see the need for such a software since
it might give you a false sense for safety, nor that I’m
willing to pay almost 30 $ (or 25 €) for a software
that looks like written on a rainy afternoon.
It also scares me that undercover does not only seem to be
buggy, but to have conceptual design flaws. So, nevertheless,
I’m quite curious, because after our first review and some emails with
the author, he promised us for that password-issue:

This has been fixed as well. The binary no longer contains a human readable password.

I don’t agree. What he really means is:
The binary no longer contains the password as an ascii string.

If you wonder what the difference is, it’s using the command line tool strings versus not more than 5 minutes of reading the actual binary code.
After 5 minutes you find something like this:
[curlHandleObject setUsername: username password: [NSString stringWithFormat: @"%d", 0xc0de]]

Kommentar verfassen

Trage deine Daten unten ein oder klicke ein Icon um dich einzuloggen:


Du kommentierst mit Deinem WordPress.com-Konto. Abmelden / Ändern )


Du kommentierst mit Deinem Twitter-Konto. Abmelden / Ändern )


Du kommentierst mit Deinem Facebook-Konto. Abmelden / Ändern )

Google+ Foto

Du kommentierst mit Deinem Google+-Konto. Abmelden / Ändern )

Verbinde mit %s