This module provides learning materials that help students avoid common security defects and write secure programs using output encoding. Topics include the consequences of malicious injection and effective secure output encoding.
Ethics
The attack method discussed here is for educational purposes. Readers should act responsibly, in accordance with hacking ethics, and should not spread or use the code in this lab to harm other Android phone users for their own benefit. A more thorough specification of hacking ethics can be found here and here. Please read them carefully. You should never attempt to penetrate that system or adversely affect that system's operation. Such actions are a violation of university policy and, in some cases, violations of State and Federal law. Likewise, you should refrain from writing computer viruses, worms, self-reproducing code, or other kinds of potentially damaging software for this course unless you have explicit, written approval for the specific type of software that you wish to create. These kinds of programs are notoriously difficult to control, and their release (intentional or otherwise) can result in substantial civil and criminal penalties. Please read and review the ACM Code of Ethics and Professional Conduct.
Post-Lab