Overview
Explore the Android security landscape in this 56-minute conference talk from GOTO Copenhagen 2015. Delve into the pitfalls, threats, and survival tips for Android development with Scott Alexander-Bown, Lead Android Developer at Intohand. Learn about global mobile adoption trends, government surveillance programs, and major internet security exploits. Discover essential security services, the importance of using newer Android versions, and how to protect against app hijacking. Examine the OWASP top 10 risks and gain valuable survival tips for secure Android development. Cover crucial topics such as network communications, SSL pinning, encryption libraries, app integrity verification, and device integrity checks. Explore tools like ProGuard, DexGuard, and the Quick Android Review Kit to enhance your app's security. Whether you're a developer, manager, or user, gain insights to navigate the Android security jungle and build more secure mobile applications.
Syllabus
Introduction
The Jungle
Scott Alexander-Bown
Security Services
Newer versions of Android are more secure
Threats: App Hijacking
OWASP top 10 risks
Survival tips
Network communications
Looks like you're not using SSL pinning?
Patch against SSL exploits
Password based encryption
Encryption libraries
Verifying App integrity
Signing Certificate Verification
Verifying device integrity
root@android:/#
DO YOU EVEN
ProGuard
DexGuard
Quick Android Review Kit Qua
Taught by
GOTO Conferences