Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Network_Security_in_Android.pdf
Search
ValentineRutto
November 16, 2019
Programming
0
55
Network_Security_in_Android.pdf
ValentineRutto
November 16, 2019
Tweet
Share
More Decks by ValentineRutto
See All by ValentineRutto
Kickstarting your tech career
valentinerutto
1
42
The D in SOLID Principles
valentinerutto
0
220
Consuming Rest Api with retrofit in Android
valentinerutto
0
230
Exposing Network Result Status in MVVM
valentinerutto
0
71
Complex ui animation with Motion layout
valentinerutto
0
91
Tech Opportunities
valentinerutto
1
96
Android paging library
valentinerutto
0
250
Android Room persistence library
valentinerutto
0
160
UI/UX FOR MOBILE
valentinerutto
0
250
Other Decks in Programming
See All in Programming
What Spring Developers Should Know About Jakarta EE
ivargrimstad
0
250
PicoRuby on Rails
makicamel
2
100
AIエージェントはこう育てる - GitHub Copilot Agentとチームの共進化サイクル
koboriakira
0
390
第9回 情シス転職ミートアップ 株式会社IVRy(アイブリー)の紹介
ivry_presentationmaterials
1
240
AIコーディング道場勉強会#2 君(エンジニア)たちはどう生きるか
misakiotb
1
250
FormFlow - Build Stunning Multistep Forms
yceruto
1
190
ReadMoreTextView
fornewid
1
480
Java on Azure で LangGraph!
kohei3110
0
170
AWS CDKの推しポイント 〜CloudFormationと比較してみた〜
akihisaikeda
3
310
LINEヤフー データグループ紹介
lycorp_recruit_jp
0
890
AIプログラマーDevinは PHPerの夢を見るか?
shinyasaita
1
130
PHPで始める振る舞い駆動開発(Behaviour-Driven Development)
ohmori_yusuke
2
190
Featured
See All Featured
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
34
3k
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.3k
Imperfection Machines: The Place of Print at Facebook
scottboms
267
13k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
161
15k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
29
9.5k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
17
940
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
138
34k
The Cult of Friendly URLs
andyhume
79
6.5k
Building an army of robots
kneath
306
45k
Into the Great Unknown - MozCon
thekraken
39
1.9k
Adopting Sorbet at Scale
ufuk
77
9.4k
Building Flexible Design Systems
yeseniaperezcruz
328
39k
Transcript
Network Security in Android
None
KOKO is mainstreaming liquid bio-ethanol cooking fuel as a fast,
safe and affordable alternative to dirty cooking fuels such as charcoal https://kokonetworks.com
Protecting your app from reverse engineering and man in the
middle attacks
SSL certificate pinning Obfuscation with proguard
SSL Certificate pinning Why SSL Certificate pinning? to prevent man
in the middle attack What is SSL? -Secure Socket Layer - its a protocol that has always been used to encrypt and secure transmitted data between server and client (website and browser).
SSL Certificate pinning What is ssl certificate pinning? is ensuring
that any client SSL request first validates that the server’s certificate exactly matches the bundle’s certificate previously stored in the application.
SSL Certificate pinning
SSL Certificate pinning What steps do we need? • Obtaining
a certificate for the desired host (preferably the whole certificate chain). • Pin the certificate to an instance of DefaultHttpClient
SSL Certificate pinning Get certificate public key from ssllabs This
is the hashed public key of the certificate
SSL Certificate pinning
SSL Certificate pinning
SSL Certificate pinning - Failure
Obfuscation What? -is a process of creating source code in
a form that is hard for human to understand. Why? To prevent reverse engineering To reduce your app size
1. Configure your gradle file (app/gradle) 2. Use default android
proguard rules or create your own 3. Edt your rules Obfuscation Steps
Obfuscated Code
Non-obfuscated code
Resources Proguard android ssl pinning practical proguard rules
Demo….!!!!!! Demo github link
Thank you !!