You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Was reading through the MASVS tetsing guide and notice there may be a slight Typo on for MASTG-0034 in the Overview section, see bolded below:
To test for object persistence being used for storing sensitive information on the device, first identify all instances of object serialization and check if they carry any sensitive data. If yes, check if is properly protected against eavesdropping or unauthorized modification.
There may be a work missing. Potential rewrite:
To test for object persistence being used for storing sensitive information on the device, first identify all instances of object serialization and check if they carry any sensitive data. If yes, check if the sensitive information is properly protected against eavesdropping or unauthorized modification.
Minor change, but may be worth adding for clarity
The text was updated successfully, but these errors were encountered:
Hi All!
Was reading through the MASVS tetsing guide and notice there may be a slight Typo on for MASTG-0034 in the Overview section, see bolded below:
To test for object persistence being used for storing sensitive information on the device, first identify all instances of object serialization and check if they carry any sensitive data. If yes, check if is properly protected against eavesdropping or unauthorized modification.
There may be a work missing. Potential rewrite:
To test for object persistence being used for storing sensitive information on the device, first identify all instances of object serialization and check if they carry any sensitive data. If yes, check if the sensitive information is properly protected against eavesdropping or unauthorized modification.
Minor change, but may be worth adding for clarity
The text was updated successfully, but these errors were encountered: