Explore the risks of incorporating SDKs into applications in this 43-minute conference talk from WeAreDevelopers World Congress 2018. Discover real-world examples of malicious code injection into third-party iOS SDKs using man-in-the-middle attacks. Learn about ARP poisoning, mixed content vulnerabilities, and phishing techniques targeting developers. Examine realistic attack scenarios and their potential consequences. Gain insights into security blacklists, known exploits, and statistics related to SDK vulnerabilities. Understand the importance of HTTPS implementation and its impact on Android browsers. Analyze the challenges posed by fast networks in maintaining application security.
Overview
Syllabus
Intro
Felix Kraus
Risks of SDKs
ARP poisoning
Mixed content
Fishing
Attacking Developers
Realistic Attacks
Summary
Questions
Security Blacklists
Known Exploits
Statistics
HTTPS
Android
Browser
HTTP
Fast Networks
Taught by
WeAreDevelopers
