Android Security

As a reminder, Android is open source but is not a community project; there is a difference. Please try and submit a patch for this and see how far it gets you.

Some time ago, I was adding secure authentication to my APRSdroid app for Amateur Radio geolocation. While debugging its TLS handshake, I noticed that RC4-MD5 is leading the client’s list of supported ciphers and thus wins the negotiation. As the task at hand was about authentication, not about secrecy, I did not care. via