undefined | Better HN

0 pointsTameAntelope4y ago0 comments

I'm confused. Are you suggesting you should test with "real" data first?

0 comments

I'm suggesting that monitoring an application for malicious behavior to detect it after the fact is the wrong approach. Once the data is sent, it's too late to do anything about it.

Oh you first try fake data? That's easy to counter. For example probabilisticly: the app tosses a coin and only sends the data with 50% chance the first time. Now half of people using your approach will think the app is safe and get their data stolen anyway. Or use some side channel, delay activity, ...

j / k navigate · click thread line to collapse

0 comments

ganafagol4y ago

I'm suggesting that monitoring an application for malicious behavior to detect it after the fact is the wrong approach. Once the data is sent, it's too late to do anything about it.

j / k navigate · click thread line to collapse