Good thing I use pirated copies that give me paid features and remove these SDKs
ayyyyyyy mines getting a little dated, I had to go back versions a bit to get one without the ads hard-coded in. are you using a version newer than 6.31.7?
Yes. I visit mobilism about once a month and download the latest Baltan release.
What are both of those things?
thank you so much
No “thank you” posts allowed /j
execution squad is heading for my house
I never expected the Spanish Inquisition!
I’ll go check his again. would you say there’s any annoyances lately with the cracks?
There’s inconsistent behavior but nothing on the fault of the patches.
fair enough, ty!
ByteDance applies real cryptographic protection to the data valuable to their business: ad impressions, click attribution, revenue tracking. But the device fingerprints they harvest from users? Those get the key-taped-to-the-doorframe treatment.
Frankly I want the opportunity to peer into everything, or at least prevent all of it
It says it can’t be decrypted with passive means due to a proper ECDH key exchange, but if they are not doing any sort of verification that theor server sent or created the key, then it would be possible to do an active attack like MITM that manipulates the key exhcnage. What I mean is, your MITM proxy would substitute the real key with one that you have the keypair to and hand that to the target application. The target application then encrypts using the key you provide, your MITM proxy decrypts and reencrypts with the real key and all seems legit from both sides.
If there are server validation of some sort, signature checks or whatever, then it would require extra work like patching out or otherwise modifying those checks in the application, extracting the key from the application’s memory, or something like this.
I guess myvpoint is, if you’re motivated enough, you can make it happen.