New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fixing security issue #29

Merged
merged 1 commit into from Mar 6, 2018

Conversation

Projects
None yet
2 participants
@r3ggi
Copy link

r3ggi commented Feb 20, 2018

Plugin logs sensitive information and that is considered as a security issue. iOS logs are can be easily accessed by attacker.

References:
https://www.owasp.org/index.php/Mobile_Top_10_2016-M2-Insecure_Data_Storage
https://www.kaspersky.com/blog/starbucks-moves-quick-to-fix-application-security-vulnerability/3510/ (Starbucks for instance had problem with placing sensitive data to iOS logs and that was a big scandal ;-) )

Fixing security issue
Plugin logs sensitive information and that is considered as a security issue. iOS logs are can be easily accessed by attacker.

References:
https://www.owasp.org/index.php/Mobile_Top_10_2016-M2-Insecure_Data_Storage
https://www.kaspersky.com/blog/starbucks-moves-quick-to-fix-application-security-vulnerability/3510/ (Starbucks for instance had problem with placing sensitive data to iOS logs and that was a big scandal ;-) )

@mlynch mlynch merged commit 18233ca into ionic-team:master Mar 6, 2018

@mlynch

This comment has been minimized.

Copy link
Member

mlynch commented Mar 6, 2018

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment