Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Network_Security_in_Android.pdf
Search
ValentineRutto
November 16, 2019
Programming
0
48
Network_Security_in_Android.pdf
ValentineRutto
November 16, 2019
Tweet
Share
More Decks by ValentineRutto
See All by ValentineRutto
Kickstarting your tech career
valentinerutto
1
36
The D in SOLID Principles
valentinerutto
0
210
Consuming Rest Api with retrofit in Android
valentinerutto
0
200
Exposing Network Result Status in MVVM
valentinerutto
0
59
Complex ui animation with Motion layout
valentinerutto
0
87
Tech Opportunities
valentinerutto
1
90
Android paging library
valentinerutto
0
250
Android Room persistence library
valentinerutto
0
150
UI/UX FOR MOBILE
valentinerutto
0
250
Other Decks in Programming
See All in Programming
テストコード文化を0から作り、変化し続けた組織
kazatohiei
2
1.5k
ドメインイベント増えすぎ問題
h0r15h0
2
350
range over funcの使い道と非同期N+1リゾルバーの夢 / about a range over func
mackee
0
110
[JAWS-UG横浜 #76] イケてるアップデートを宇宙いち早く紹介するよ!
maroon1st
0
460
生成AIでGitHubソースコード取得して仕様書を作成
shukob
0
470
アクターシステムに頼らずEvent Sourcingする方法について
j5ik2o
4
290
17年周年のWebアプリケーションにTanStack Queryを導入する / Implementing TanStack Query in a 17th Anniversary Web Application
saitolume
0
250
命名をリントする
chiroruxx
1
410
テスト自動化失敗から再挑戦しチームにオーナーシップを委譲した話/STAC2024 macho
ma_cho29
1
1.3k
103 Early Hints
sugi_0000
1
230
PHPで作るWebSocketサーバー ~リアクティブなアプリケーションを知るために~ / WebSocket Server in PHP - To know reactive applications
seike460
PRO
2
470
Effective Signals in Angular 19+: Rules and Helpers @ngbe2024
manfredsteyer
PRO
0
140
Featured
See All Featured
VelocityConf: Rendering Performance Case Studies
addyosmani
326
24k
jQuery: Nuts, Bolts and Bling
dougneiner
61
7.5k
The Invisible Side of Design
smashingmag
298
50k
A Philosophy of Restraint
colly
203
16k
Code Review Best Practice
trishagee
65
17k
Why You Should Never Use an ORM
jnunemaker
PRO
54
9.1k
What's in a price? How to price your products and services
michaelherold
243
12k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
507
140k
Git: the NoSQL Database
bkeepers
PRO
427
64k
Product Roadmaps are Hard
iamctodd
PRO
49
11k
Measuring & Analyzing Core Web Vitals
bluesmoon
4
170
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
169
50k
Transcript
Network Security in Android
None
KOKO is mainstreaming liquid bio-ethanol cooking fuel as a fast,
safe and affordable alternative to dirty cooking fuels such as charcoal https://kokonetworks.com
Protecting your app from reverse engineering and man in the
middle attacks
SSL certificate pinning Obfuscation with proguard
SSL Certificate pinning Why SSL Certificate pinning? to prevent man
in the middle attack What is SSL? -Secure Socket Layer - its a protocol that has always been used to encrypt and secure transmitted data between server and client (website and browser).
SSL Certificate pinning What is ssl certificate pinning? is ensuring
that any client SSL request first validates that the server’s certificate exactly matches the bundle’s certificate previously stored in the application.
SSL Certificate pinning
SSL Certificate pinning What steps do we need? • Obtaining
a certificate for the desired host (preferably the whole certificate chain). • Pin the certificate to an instance of DefaultHttpClient
SSL Certificate pinning Get certificate public key from ssllabs This
is the hashed public key of the certificate
SSL Certificate pinning
SSL Certificate pinning
SSL Certificate pinning - Failure
Obfuscation What? -is a process of creating source code in
a form that is hard for human to understand. Why? To prevent reverse engineering To reduce your app size
1. Configure your gradle file (app/gradle) 2. Use default android
proguard rules or create your own 3. Edt your rules Obfuscation Steps
Obfuscated Code
Non-obfuscated code
Resources Proguard android ssl pinning practical proguard rules
Demo….!!!!!! Demo github link
Thank you !!