Analysing smali code

Mobile apps have become increasingly widespread compared to their desktop counterparts. In addition, many apps often have stricter security requirements since they incorporate micropayments. We also perform sensitive transactions through mobile apps. For example, there are no desktop internet banking applications, we use the browser to perform such transactions. But ...

Verifying JS Integrity

Yesterday, a CDN was hacked and malicious JS was served to a number of domains. Most websites make use of CDNs to serve up JS so as to reduce page load time. How do we protect ourselves from such attacks? I posed a similar question on Sec.SE some time ...

Adding hostnames or PTR records to piwik

If you are using piwik and desire to know exactly where your website visitors come from, this hack will allow you to display the hostname or PTR record beside the IP addresses on the piwik dashboard. The Ip2Hostname plugin logs down the visitor's hostname in an additional column but ...

Deprecation of NUS modules android app

As of 18 July 2015, I will officially cease support for the NUS modules android app. It has been unpublished from the Play Store and the companion appspot website has been deleted. The app was written more than 2 years ago when I was a freshman and has not been ...

Google Calendar API v3

In one of my previous posts, I mentioned that I was using rainmeter to display useful information such as events in my google calendar on my desktop. Google updated their calendar to API v3 sometime early this year and this broke the functionality. After waiting few months for a fix ...

Code runs on code

This semester has been a rather hectic one. There is this massive Java Enterprise project that lasts throughout the entire semester. In the midst of this project, our team encountered a rather puzzling bug. Despite following the sample code snippets closely and trawling through Stack Overflow, we were unable to ...