Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Network_Security_in_Android.pdf
Search
ValentineRutto
November 16, 2019
Programming
0
58
Network_Security_in_Android.pdf
ValentineRutto
November 16, 2019
Tweet
Share
More Decks by ValentineRutto
See All by ValentineRutto
Kickstarting your tech career
valentinerutto
1
45
The D in SOLID Principles
valentinerutto
0
220
Consuming Rest Api with retrofit in Android
valentinerutto
0
230
Exposing Network Result Status in MVVM
valentinerutto
0
79
Complex ui animation with Motion layout
valentinerutto
0
95
Tech Opportunities
valentinerutto
1
98
Android paging library
valentinerutto
0
250
Android Room persistence library
valentinerutto
0
160
UI/UX FOR MOBILE
valentinerutto
0
260
Other Decks in Programming
See All in Programming
組込みだけじゃない!TinyGo で始める無料クラウド開発入門
otakakot
0
270
詳しくない分野でのVibe Codingで困ったことと学び/vibe-coding-in-unfamiliar-area
shibayu36
3
5k
Six and a half ridiculous things to do with Quarkus
hollycummins
0
170
Pull-Requestの内容を1クリックで動作確認可能にするワークフロー
natmark
2
510
Goで実践するドメイン駆動開発 AIと歩み始めた新規プロダクト開発の現在地
imkaoru
4
840
なぜGoのジェネリクスはこの形なのか? Featherweight Goが明かす設計の核心
ryotaros
7
1.1k
ALL CODE BASE ARE BELONG TO STUDY
uzulla
19
4.9k
Devoxx BE - Local Development in the AI Era
kdubois
0
130
uniqueパッケージの内部実装を支えるweak pointerの話
magavel
0
1k
オープンソースソフトウェアへの解像度🔬
utam0k
15
2.8k
Cloudflare AgentsとAI SDKでAIエージェントを作ってみた
briete
0
150
「ちょっと古いから」って避けてた技術書、今だからこそ読もう
mottyzzz
10
6.7k
Featured
See All Featured
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
37
2.6k
Git: the NoSQL Database
bkeepers
PRO
431
66k
Art, The Web, and Tiny UX
lynnandtonic
303
21k
Large-scale JavaScript Application Architecture
addyosmani
514
110k
Making Projects Easy
brettharned
120
6.4k
How to Think Like a Performance Engineer
csswizardry
27
2k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
PRO
189
55k
Unsuck your backbone
ammeep
671
58k
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
30
2.9k
Testing 201, or: Great Expectations
jmmastey
45
7.7k
Fashionably flexible responsive web design (full day workshop)
malarkey
407
66k
The World Runs on Bad Software
bkeepers
PRO
72
11k
Transcript
Network Security in Android
None
KOKO is mainstreaming liquid bio-ethanol cooking fuel as a fast,
safe and affordable alternative to dirty cooking fuels such as charcoal https://kokonetworks.com
Protecting your app from reverse engineering and man in the
middle attacks
SSL certificate pinning Obfuscation with proguard
SSL Certificate pinning Why SSL Certificate pinning? to prevent man
in the middle attack What is SSL? -Secure Socket Layer - its a protocol that has always been used to encrypt and secure transmitted data between server and client (website and browser).
SSL Certificate pinning What is ssl certificate pinning? is ensuring
that any client SSL request first validates that the server’s certificate exactly matches the bundle’s certificate previously stored in the application.
SSL Certificate pinning
SSL Certificate pinning What steps do we need? • Obtaining
a certificate for the desired host (preferably the whole certificate chain). • Pin the certificate to an instance of DefaultHttpClient
SSL Certificate pinning Get certificate public key from ssllabs This
is the hashed public key of the certificate
SSL Certificate pinning
SSL Certificate pinning
SSL Certificate pinning - Failure
Obfuscation What? -is a process of creating source code in
a form that is hard for human to understand. Why? To prevent reverse engineering To reduce your app size
1. Configure your gradle file (app/gradle) 2. Use default android
proguard rules or create your own 3. Edt your rules Obfuscation Steps
Obfuscated Code
Non-obfuscated code
Resources Proguard android ssl pinning practical proguard rules
Demo….!!!!!! Demo github link
Thank you !!