Completed
Android 4
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Inside Android's SafetyNet Attestation
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Attack patterns
- 3 OS modification methods
- 4 Device integrity detection the old Days
- 5 That's a low bar
- 6 Hardcoded checks
- 7 Attackers can easily disable detections
- 8 Attackers can easily feed checkers with bad data
- 9 Raising the bar
- 10 SafetyNet details
- 11 caveats
- 12 Criticism
- 13 SafetyNet JAR
- 14 SafetyNet modules
- 15 Example: device_state
- 16 SafetyNet Attestation: Overview
- 17 SafetyNet Attestation: Call Chain
- 18 SafetyNet Attestation: Request Attestation
- 19 SafetyNet Attestation Overview: Request Attestation
- 20 SafetyNet Attestation: Forward Data
- 21 SafetyNet Attestation: Attest Device & App
- 22 SafetyNet Attestation: Deliver Result
- 23 Ideal implementation
- 24 Attestation result validation
- 25 Check crypto!
- 26 cts Profile Match & basicIntegrity
- 27 SafetyNet and the Nonce
- 28 Handle errors!
- 29 Attestation: just an API Call away!?
- 30 API Failures...
- 31 Howto: App/APK Integrity
- 32 Implementation & Deployment Summary
- 33 SafetyNet vs. Android Versions
- 34 Android 4
- 35 Boot Loader Unlocked
- 36 Client-side response validation?
- 37 SuHide and Magisk
- 38 SafetyNet's Application Integrity Checks
- 39 Running Code on Android
- 40 ODEX Code Modification Attack: Overview (Generic)
- 41 Attacking ODEX files: all Android Versions
- 42 Attacking ODEX files without Root (Android 6)
- 43 ODEX file Attack via Dirtycow
- 44 Attack Impact
- 45 Fun time