freeRASP 4.3.1

• Android SDK version: 17.0.1
• iOS SDK version: 6.13.0

React Native

Fixed

• Resolved duplicate classes error on iOS (issue #128)

freeRASP 4.3.0

• Android SDK version: 17.0.1
• iOS SDK version: 6.13.0

React Native

Added

• Added killOnBypass to TalsecConfig that configures if the app should be terminated when the threat callbacks are suppressed/hooked by an attacker (Android only) (Issue 65)
• Added API for timeSpoofing callback into ThreatEventActions (Android only)
• Added API for unsecureWifi callback into ThreatEventActions (Android only)
• Added API for allChecksFinished callback into new RaspExecutionStateEventActions object
• Added matched permissions to SuspiciousAppInfo object when malware detection reason is suspiciousPermission

Fixed

• Resolved potential collision in threat identifiers

Android

Added

• Added killOnBypass method to the TalsecConfig.Builder that configures if the app should be terminated when the threat callbacks are suppressed/hooked by an attacker Issue 65
• We are introducing a new capability, detecting whether the device time has been tampered with (timeSpoofing)
• We are introducing a new capability, detecting whether the location is being spoofed on the device (locationSpoofing)
• We are introducing a new capability, detection of unsecure WiFi (unecureWifi)
• Removed deprecated functionality Pbkdf2Native and both related native libraries (libpbkdf2_native.so and libpolarssl.so)
• Added new RaspExecutionState which contains onAllChecksFinished() method, which is triggered after all checks are completed.
• Added matched permissions to SuspiciousAppInfo object when malware detection reason is suspiciousPermission
• New option to start Talsec, Talsec.start() takes new parameter TalsecMode that determines the dispatcher thread of initialization and sync checks (uses background thread by default)
• Capability to check if another app has an option REQUEST_INSTALL_PACKAGES enabled in the system settings to malware detection

Fixed

• ANR issue caused by registerScreenCaptureCallback() method on the main thread
• NullPointerException when checking key alias in Keystore on Android 7
• JaCoCo issue causing MethodTooLargeException during instrumentation
• DeadApplicationException when calling Settings.Global.getInt or Settings.Secure.getInt on invalid context
• AndroidKeyStore crashes causing java.util.concurrent.TimeoutException when calling finalize() method on Cipher (GC issues)
• Fixed issue with late initializers and TalsecMode coroutines scopes

Changed

• Shortened the value of threat detection interval
• Refactoring of internal architecture of SDK that newly uses Coroutines to manage threading
• Update of internal dependencies and security libraries

iOS

Changed

• Updated internal dependencies

freeRASP 4.2.4

• iOS SDK version: 6.12.1
• Android SDK version: 16.0.4

React Native

Fixed

• iOS dependencies are now installed via install_modules_dependencies by default

freeRASP 4.2.3

• iOS SDK version: 6.12.1
• Android SDK version: 16.0.4

Android

Fixed

• Root detection related bugs causing false positives

Changed

• Deprecated Nexus repository removed (GCP artifact registry is the main supported distribution repository)

freeRASP 4.2.2

• iOS SDK version: 6.12.1
• Android SDK version: 16.0.1

React Native

Changed

• Replaced deprecated getCurrentActivity() call on Android (compatibility with RN 0.81+)

freeRASP 4.2.1

React Native

Fixed

• Possible conflict with other packages during proguard code minification

Android

Fixed

• Issue with empty SharedPreferences files

Changed

• Decreased version of Kotlin to 2.0.0

freeRASP 4.2.0

• iOS SDK version: 6.12.1
• Android SDK version: 16.0.1

Android

Added

• Added support for 16 KB memory page sizes
• Added multiInstance callback
  • Detecting whether the application is installed/running in various multi-instancing environments (e.g. Parallel Space)

Changed

• The ADB service running as a root is a signal for root detection
• Improved emulator detection
• Internal security improvements

Fixed

• Removed malware report duplicates

iOS

Added

• Added palera1n jailbreak detection

Changed

• Improved Dopamine jailbreak detection

Fixed

• Resolved memory-related stability issues.

freeRASP 4.1.0

• iOS SDK version: 6.11.0
• Android SDK version: 15.1.0

React Native

Added

• Added interface for screenshot / screen recording blocking on iOS
• Added interface for external ID storage

Android

Added

• Added externalId to put an integrator-specified custom identifier into the logs.
• Added eventId to the logs, which is unique per each log. It allows traceability of the same log across various systems.

Changed

• New root detection checks added

iOS

Added

• Added externalId to put an integrator-specified custom identifier into the logs.
• Added eventId to the logs, which is unique per each log. It allows traceability of the same log across various systems.
• Screen capture protection obscuring app content in screenshots and screen recordings preventing unauthorized content capture. Refer to the freeRASP integration documentation.

Fixed

• Resolved an issue with the screen recording detection.
• Resolved an issue that prevented Xcode tests from running correctly.

freeRASP 4.0.0

Check out the full changelog to stay updated on new features, improvements, and the complete history of changes: https://docs.talsec.app/freerasp/whats-new-and-changelog

React Native

Changed

• Android SDK requires kotlinVersion >= 2.0.0
• Set Java version to 17

Android

Changed

• Compile API increased to 35, dependencies updated
• Internal library obfuscation reworked
• Root detection divided into 2 parts (quick initial checks, and time-demanding asynchronous post checks)

Fixed

• ANR issues bug-fixing

iOS

Added

• Improvement of the obfuscation of the SDK.

Changed

• Deep signing of the OpenSSL binaries.

freeRASP 3.14.1

• iOS SDK version: 6.8.0
• Android SDK version: 14.0.1

React Native

Fixed

• Take Android targetSdkVersion, compileSdkVersion from plugin only