Category Archives: Security

LINE Taiwan Security Meetup – BECKS #3

Information security has always been one of the key focuses of LINE. LINE has always strove to actively promote various security enhancement strategies over the years. As a part of our ongoing effort towards information security, LINE information security engineers hold a meetup known as BECKS (a portmanteau of beer and hacks) in Korea, Japan, …

LINE New-Grad Engineers: [June] Security Engineers

LINE welcomed 33 newly graduated engineers this year. In this monthly series, they will be introducing their experiences and an overview of the work that they do. 

For our second article in the series, we have invited Mr. Koh from the Application Security Team to talk about his initial work and experiences.

Monitoring to prevent game cheating

It has been six years since we’ve began LINE GAME, and over those six years we’ve been through many experiences. Today, I’d like to share some lessons we’ve learned along the six-year journey of LINE GAME, specifically focusing on how we used monitoring to prevent game cheating. When I say “game cheat” in this blog …

Another one bites the apple!

Hello, world! I’m Ramses, responsible for security assessment at LINE. My work is to try to hack LINE services and find a way to enhance its security. During my personal time, I find and report security vulnerabilities in third party services also. This is my way of contributing to building a more secure world. Among hackers, this is called a bug hunt. Hackers participate in bug hunting to win a bounty, build their reputation as a hacker or just because they enjoy hacking itself. Many hackers target Apple products for bug hunting, and I’m writing this post to share my journey of bug hunting with Apple products.

How AIR ARMOR checks iOS Code Signing

AIR ARMOR is a security solution of AIR; AIR is a component of the LINE GAME PLATFORM. You can refer to Seunghoon’s posting on AIR GO and APK Signing for information on the APK signature scheme. For this posting, I’ll explain about iOS code signing, one of Apple’s security mechanism. Code signing is to verify the integrity of the software code …

LINE Security Bug Bounty Program Report 2018

Hello, this is Kazuhiro Kubota from the LINE Security Department. Last time we brought you the report for the first half of 2018. Today, I’d like to summarize the results of the LINE Security Bug Bounty program for 2018. Number of reports in 2018 In 2018, a total of 88 reports qualified for the program. This figure is almost twice as many …

AIR GO and APK Signing

Hello you all, this is Seunghoon Kim, a member of the AIR GO development team at LINE. Previously on our blog, we had a chance to introduce AIR GO with this post, Introducing AIR GO. Following up on the article, I’d like to talk about APK Signing and what AIR GO detects in regards to it. …

FIDO at LINE: A First Step to a World Without Passwords

Getting closer to a world without passwords Today we are happy to announce that LINE has achieved the world’s first FIDO Universal Server certification (as a service provider1) for our authentication server — LINE Authentication Server. With FIDO authentication, LINE users can sign in and authenticate both using biometrics (for example, face and fingerprint), as well as with …

Introducing AIR GO

AIR GO is an app vulnerability scanning service for finding vulnerabilities in Android or iOS app package files (apk or ipa). AIR GO is somewhat similar to SandDroid, an open source project. Recently, LINE has been using AIR GO to check LINE apps for vulnerabilities before they are released, to provide secure services to LINE users. Anyone can access AIR GO simply by registering their email address. Actually, AIR GO had been introduced on the LINE website previously; today, I’d like to discuss about it in more of a developer’s point of view.

airgo_main

LINE Security Bug Bounty Program Report 2018 – First half

This is Myeongjae Lee (MJ), back with our report on running the LINE Security Bug Bounty program from January till June this year. The ‘LINE Security Bug Bounty Program’ aims to provide LINE users the most secure service by fixing potential vulnerabilities in advance, by getting reports from external security researchers.