MUwS, PHA, Vulnerabilities: A Walk through on What Not to Do
Droidcon SF 2019 | MUwS, PHA, Vulnerabilities: A Walk through on What Not to Do | Salvador Mandujano
What you'll learn
Mobile unwanted software, potentially harmful applications, and vulnerabilities are three important threats that may impact the security and privacy of Android users if applications are not properly designed and implemented. As an Android developer, it is important to understand the practical risks that buggy code, untrusted SDKs, and limited disclosure to users represent in order to anticipate and prevent incidents with their apps. This session by the Google Play Protect reverse engineering team will analyze specific examples of application behaviors and code issues that may cause problems to users and developers in the three areas above, from data collection and dynamic code loading to the abuse of SMS functionality to commit fraud. The audience will learn how to prevent their Google Play or off-market application from being flagged as malicious by Google Play Protect, and how to make design choices that enhance the privacy of the user and the security of the data the application handles.