[ale] [OT]How does Android pull off url "spoofing"?
Jim Lynch
ale_nospam at fayettedigital.com
Sat Aug 17 13:25:53 EDT 2013
On 08/17/2013 01:11 PM, Sean McNealy wrote:
> Application layer redirect I'd guess. That would mean when you're
> thinking, "My network doesn't work like this," you're right. You
> probably do connect to airdroid.com <http://airdroid.com> and get an
> HTTP 302 to the phone's IP. The phone app could have already sent the
> local address to their service.
>
> Now how would it associate your connection to your phone's address?
> I'm surprised there's no token on that URL, but you are behind the
> same NAT device, so there's enough information to know which phone
> you're connecting to.
OK, I understand. I wasn't aware of that "feature". Or at least didn't
realize it worked that way. I'm impressed.
Thanks,
Jim.
More information about the Ale
mailing list