Slides and links(below) from my “What’s NNNNNNNNew in Android Security” talk at Droidcon London. The video via SkillsMatter is here.
- What you can do to a APK without it’s private key – https://www.blackhat.com/ldn-15/summit.html#what-can-you-do-to-an-apk-without-its-private-key-except-repacking
- Forgetful Keystore – https://doridori.github.io/android-security-the-forgetful-keystore/#sthash.hFHQpV3A.5WcUVfYk.dpbs
- Security in Nougat – https://android-developers.blogspot.co.uk/2016/09/security-enhancements-in-nougat.html
- APK Signature v2 – https://developer.android.com/about/versions/nougat/android-7.0.html#apk_signature_v2
- Direct Boot – https://blog.stylingandroid.com/nougat-direct-boot/
- SafetyNet Helper library https://github.com/scottyab/safetynethelper
- Adrian Ludwig’s Google IO talk – What’s new in Android Security (M &N) – Excellent talk!
Training and Developer Docs
- Keystore Attestation – https://developer.android.com/training/articles/security-key-attestation.html (note this is
- Scoped directory Access – https://developer.android.com/training/articles/scoped-directory-access.html#accessing
- Permissions – https://developer.android.com/training/articles/user-data-permissions.html#tenets_of_working_with_android_permissions
- Direct Boot- https://developer.android.com/training/articles/direct-boot.html
Would you like me to speak at your conference or meetup? If so please get in contact.
Any questions, please drop me an email or tweet.