re: Protecting images on your website VIEW POST

re: I’m sure this article will be useful to people asked to implement this feature by their employer, but it’s a futile endeavor. Most people explore t...

Reminds me of the requirement my team had to prevent the apk file from being sideloaded on rooted Android phones. We tried explaining that "root" could be accomplished a million different ways, but evidently there was some sort of requirement from on high that we do what we can no matter what (maybe from hospital guidelines? or an interpretation of hipaa?). We also couldn't test this on our in house devices as that would break our usage agreement we took as employees to not do shady stuff that would void warranties and whatnot with company equipment.

Apparently there was an npm package that can look for the most popular root jars and let you block login based on that. If the project wasn't shelved, I imagine modern permission systems wouldn't let you just casually traverse the installed apps for SuperSU or whatever. I ended up rooting my Samsung S3 just to try being nefarious with our apk to make everyone happy that we have blocked root users.

code of conduct - report abuse