The Android security jungle: pitfalls, threats and survival tips

gotocope_smI have been fortunate enough to be invited to speak at goto; conference in Copenhagen on October 6th. I’ll be giving a talk I one of my favourite subjects: Android app security. If you can make it please come and say hi.

 

Abstract:

Global mobile adoption is spreading like wildfire, pervasive government surveillance programs are coming to light and major internet security exploits are being uncovered. This results in increased awareness from users, managers and developers for the dire need for rigorous security in deployed code. While mobile device security can be helped via mobile device management (MDM) solutions it’s our responsibility as app developers/publishers to ensure our apps protect user privacy and critical business data. The problem is securing your Android app and data is not always obvious or well documented.

This talk will cover current Android app threats and look at how with freely available tools we can easily reverse engineer an Android app. After a brief introduction to Android platform security and how to protected app components, we’ll cover enhanced SSL validation, encryption, tamper protection and advanced obfuscation techniques. We will also focus on leveraging open source commercially viable libraries allowing us to increase our app’s security with minimal effort.

These best practise techniques will arm you with practical solutions that can help you survive in the Android security jungle.