Invalid quantity. Please enter a quantity of 1 or more.
The quantity you chose exceeds the quantity available.
Please enter your name.
Please enter an email address.
Please enter a valid email address.
Please enter your message or comments.
Please enter the code as shown on the image.
Please select the date you would like to attend.
Please enter an email address.
Please enter a valid email address in the To: field.
Please enter a subject for your message.
Please enter a message.
You can only send this invitations to 10 email addresses at a time.
$$$$ is not a properly formatted color. Please use the format #RRGGBB for all colors.
Please limit your message to $$$$ characters. There are currently ££££.
$$$$ is not a valid email address.
Please enter a promotional code.
N/A
Sold Out
Unavailable
Please enter a password with at least 8 characters.
You have exceeded the time limit and your reservation has been released.
The purpose of this time limit is to ensure that registration is available to as many people as possible. We apologize for the inconvenience.
This option is not available anymore. Please choose a different option.
Please read and accept the waiver.
All fields marked with * are required.
Please double check your email address. The email address format does not appear valid.
Please double check your email address. Your emails do not match.
$$$$ requires a number between ££££ and §§§§
US Zipcodes need to be 5 digits.
Postal code may contain no more than 9 letter or number characters.
Please double check your website URL.
All fields marked with * are required.
Your card expiration date is in the past.
Your card CSC needs to be 4 digits.
Please confirm your order: $$$$ You have selected to Pay by Check.
Click OK to confirm your order.
Please confirm your order: $$$$ You have selected to Pay at the Door.
Click OK to confirm your order.
Please confirm your order: $$$$ You have selected to Pay upon Receiving an Invoice.
Click OK to confirm your order.
Your card CSC needs to be 3 digits.
Sofort is only available in Germany and Austria.
Boleto Bancario is only available in Brazil.
OXXO is only available in Mexico.
PagoFacil is only available in Argentina.
Rapipago is only available in Argentina.
Please enter a valid IBAN number.
You need to accept to charge your bank account.
Your billing zip code needs to be 5 digits.
Please double check your CEP info. The CEP format should be something like 12345-678.
Please double check your tax identifier.
There was a problem saving your address.
There was a problem saving your card info.
There was a problem saving your personal information.
Please select the date you would like to attend.
McAfee Secure sites help keep you safe from identity theft, card fraud, spyware, spam, viruses and online scams.
Copying Prohibited by Law - McAfee Secure is a Trademark of McAfee, Inc.
Unknown card type.
No card number provided.
card number is in invalid format.
Wrong card type or card number is invalid.
card number has an inappropriate number of digits.
Please enter numbers here.
Please enter an integer value.
Numbers must be less or equal to $$$$
All the required fields have not been filled out. Click OK to proceed without all the required information, or click Cancel to finish entering the missing data.
Job titles must be less than 50 characters.
There is currently an issue with card submission on Safari with iOS7. Please try again with a different browser or device.
Sorry, invalid event registration form.
Sorry, invalid event or database error.
Sorry, quantity must be a positive integer.
Sorry, you did not select a valid ticket.
Sorry, invalid event organizer email address.
Your order was canceled.
Thank You. Your order has been successfully completed. Your name and email address have been added to the list of event attendees.
Sorry, that option is sold out.
Sorry, that option is no longer available.
Sorry, you entered an invalid quantity. Please enter a quantity of 1 or more next to the type or types of tickets you would like to purchase.
Sorry, you did not select any tickets to purchase. Please enter a quantity of 1 or more next to the type or types of tickets you would like to purchase.
Sorry, there are no tickets left for this event.
The tickets, ticket quantity or date and time you've requested are no longer available, due to previous sales. Please choose a different date, time or number of tickets and place your order again.
Sorry, one or more of the tickets you requested are no longer available for purchase.
Sorry, you need to select the date you want to attend.
Sorry, the promotional code you entered is not valid yet.
Sorry, the promotional code you entered has expired.
Sorry, the promotional code you entered is not valid.
Your session has expired. Try ordering again.
Sorry, your requested ticket quantity exceeds the number provided by your promotional code.
CommonsWare Seminar: Securing Your Apps and Your Users
Security has been getting a lot more attention recently, due to high-profile attacks that have garnered lots of news coverage. Mobile security is no different, as app developers have to take into account how to secure their apps — and, by extension, their users and those users' data — from attackers bent on absconding with, or damaging, data.
In this one-day seminar, we will explore what it takes to get your app ready for the first wave of "M" devices, so you can meet your power users' expectations and help put some distance between yourself and any competing apps.
Course Outline
The seminar will cover the following specific topics:
Overview of Android Security (~0.5 hours)
What are the various layers of the Android security model that affect developers?
How does Android use the Linux process model to help secure our apps?
What impacts does this model have on our ability to work with local files?
What is going on with removable media on Android, anyway?
Android's Permission System (~1 hour)
What is Android's permission system?
How do we declare our wish to hold certain permissions?
How do we know if we hold those permissions?
How do we ask the user to kindly consider granting us those permissions?
How do we define custom permissions, and what are the problems with doing so?
App-Level Data Encryption (~1.5 hours)
Why might we want to encrypt our local data?
What is SQLCipher for Android?
How can we use SQLCipher for Android as an encrypted replacement for standard SQLite?
How can we encrypt other sorts of files?
What about Facebook's Conceal library?
Where do we get our encryption passphrase from?
What is Android's keystore, and how can we use it to help with encrypting user data?
How can we use two-factor authentication, such as fingerprints, to tie into our encryption process?
Defending App APIs and UIs (~2 hours)
What are our app's APIs?
When are components exported, and when are they not exported?
How do I secure my components with permissions?
How do I grant temporary access to my ContentProvider, while normally keeping it secured?
How can my components — or the components that my app talks to — be spoofed?
How can I check signatures of apps to determine if the partner app is what I think it is?
What was the tapjacking attack, and what is the activityjack attack?
What is the camera peeking attack?
How do I defend against screenshots?
How do I "defend" against AccessibilityService and NotificationListenerService implementations?
Why is the clipboard insecure?
SSL (~1 hour)
How can I use SSL on Android?
Why might I want to use a self-signed certificate, and how can I use one on Android?
What is "pinning" with regards to SSL, and how can I employ it in Android?
What is "memorization" with regards to SSL, and how can I employ it in Android?
How can I deal with revoked SSL certificates, as we encountered with Heartbleed?
Device Administration and Full-Disk Encryption (~1 hour)
What is device administration?
How do I make my app be a device administrator?
What can I do given that I am a device administrator?
What is the "device owner" stuff that got added to Android 5.0?
What is the story around full-disk encryption on Android?
Can Android's full-disk encryption be defeated?
Note that there may be slight adjustments to the agenda as Android evolves between now and the seminar, but it should remain mostly intact.
What Else Do I Need to Know?
The more attendees we get, the lower the price will be for all attendees. The cost to you could drop to as little as $250 if we get 20 or more people signed up. The details for the pricing can be found on the CommonsWare site.
The event will be held at the NYC Seminar and Convention Center, conveniently located in midtown Manhattan, assuming that midtown Manhattan is a convenient location for you. If not, New York City would love to have you come by anyway!
This seminar is taught by Mark Murphy. On the plus side, he is a world-renowned expert on Android app development. That being said, sometimes he is insecure.
CommonsWare publishes The Busy Coder's Guide to Android Development, the world's oldest, largest, and most frequently updated book on Android application development. Mark Murphy, the author of the book, has also contributed over 15,000 answers on StackOverflow and other developer support venues. Mr. Murphy delivers on-site training, plus many conference presentations annually, including every AnDevCon, the 2010-2014 droidcon UK conferences, the 2014 droidcon NYC conference, the 2013 and 2014 Samsung Developers Conferences, and the 2014 WIPJam at Mobile World Congress.
Share Advanced Android: Securing Your Apps and Your Users
Share Tweet