539
WhatsApp running through android-translation-layer (no container!) on Linux desktop
(lemmy.kde.social)
Since https://www.reddit.com/r/linux/comments/1gdhy7u/experimental_flathub_release_of_newpipe_on_linux/ got a bit of traction yesterday, this is WhatsApp straight from Meta running on Linux desktop using android-translation-layer.
android-translation-layer (ATL) is a Wine-like approach to run Android applications on Linux. Rather than running an Android container like for example Waydroid does this instead implements the Android API. Note that right now it's very much work in progress and almost no app will work yet, but the fact that they have apps like Newpipe and WhatsApp running already is very promising!
Join the Matrix chat at #android-translation-layer:matrix.org and follow along!
I hope this makes it easier to do TLS sniffing and security research on Android apps. A lot of developers seem to rely on no one simply looking at how much information is exposed in the APIs apps use. Currently because it's much more difficult to sniff Android apps, a lot of privacy/security issues are not raised.
Can't it be reverse engineered? It's java bytecode.
It's difficult
As long as it's installed on a device you control it's pretty easy to sniff TLS traffic from an Android application, even if they're pinning certs. I do this all the time for work. Frida makes it extremely easy, even giving you the ability to edit boringssl if something important is happening in native code. I've had to do this a couple times.
If you don't have root you'll have to recompile the application though which could matter if you need the signature to not change, but that isn't a common requirement.
It'd be nice to have a better way to test though; I've wanted to check out Waydroid. Some coworkers just use an emulator which works great if it doesn't need specific hardware.
There's PCAPdroid mitm for tls.