Summary

Our Penetration testing team has identified usage of weak crypto algorithms like SHA-1 in Stetho and logged security vulnerability. What are the plans to migrate to the latest crypto algorithms? Can you please migrate to the latest crypto algorithms to mitigate this?

Recommendation:
Utilize cryptographic hashing algorithms that are considered secure and advocated for in best practice recommendations. Guidance can be found for Android For more guidance on best practices in picking strong cryptography, please see OWASP's Cryptographic Storage Cheat Sheet.

Motivations

Security Vulnerability.