The Android Security Jungle: Pitfalls, Threats & Survival Tips • Scott Alexander Bown • GOTO 2015

This presentation was recorded at GOTO Copenhagen 2015 http://gotocph.com Scott Alexander Bown - Lead Android Developer at Intohand ABSTRACT Global mobile adoption is spreading like wildfire, pervasive government surveillance programs are coming to light and major internet security exploits are being uncovered. This results in increased awareness from users, managers and developers for the dire need for rigorous security in deployed code. While mobile device security can be helped [...] Download slides and read the full abstract here: http://gotocon.com/cph-2015/presentation/The%20Android%20security%20jungle:%20pitfalls,%20threats%20and%20survival%20tips TIMECODES 0:00 Introduction 0:35 The Jungle 1:33 Scott Alexander-Bown 7:42 Security Services 10:20 Newer version of Android are more secure 12:51 Threats: App Hijacking 17:33 OWASP top 10 risks 18:55 Survival tips 21:14 Network communications 22:33 Looks like you're not using SSL pinning? 24:12 Patch against SSL exploits 26:48 Password based encryption 28:38 Encryption libraries 33:11 Verifying App integrity 34:40 Signing Certificate Verification 35:42 Verifying device integrity 39:06 root@android:/# 40:53 DO YOU EVEN 41:33 ProGuard 43:20 DexGuard 46:50 Quick Android Review Kit Qua https://twitter.com/gotocph https://www.facebook.com/GOTOConference http://gotocon.com #Android #Security #AndroidSecurity Looking for a unique learning experience? Attend the next GOTO conference near you! Get your ticket at https://gotopia.tech Sign up for updates and specials at https://gotopia.tech/newsletter