• Solar Bear@slrpnk.net
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    6
    ·
    1 year ago

    Wait, what tools, and why would they need you to modify existing certificates? That’s super sketchy.

    • pimterry@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      8
      ·
      1 year ago

      This is modifying system CA certs on your own device, with root access. There’s plenty of examples in the article, but most commonly you’d want to add your own CAs so that you can intercept and inspect your own network traffic. There’s a wide world of developer/researcher/reverse engineering tools that do exactly that, there’s a demo here: https://httptoolkit.com/android/

      It could plausibly be malicious, but it requires direct root access on the device, and if somebody has root access there’s already far more malicious options available to them so it’s not a meaningful threat in any sense.