Hendrik Pilz
It really matters...
Picture: Mike Licht CC BY 2.0
Babyphone hacked, Baby ranted
115 batshit stupid things you can put on the internet in as fast as I can go by Dan Tentler
Security people like breaking things (hacking)
Developers like building things (hacking)
Hack yourself first!
24.7% of apps include at least one high-risk security flaw
35% of mobile communications are unencrypted
Source: NowSecure Mobile Security Report
Even Mobile Security apps have security issues:
(In-) Security of Security Applications
Source: TeamSIK / Fraunhofer SIT
Take care of security
Check and contribute: OWASP Mobile Security Project
Reverse your own apps to see what others might see
e.g. with AndroGuard, dex2jar, JD-GUI
Monitor your apps network traffic
e.g. with Wireshark
Think twice before you copy'n'paste from StackOverflow
Have a security contact person in your team
Respond to vulnerabilities reported by 3rd parties
Reverse Engineering is not just for Hackers!
by Jon Reeve (Thursday 14:45 to 15:30 @ Stage 1)
May I?
by Sonja Kesic (Thursday 14:45 to 15:30 @ Stage 2)
Building simple and secure Account Systems on Android
by Steven Soneff (Friday 11:45 to 12:30 @ Stage 1)
Security at your Fingertips - A Dive into Marshmallow's new Fingerprint and Keystore APIs
by Frederik Schweiger (Friday 16:45 to 17:30 @ Stage 1)
This presentation is available at
https://www.hepisec.de/droidcon-berlin-2016/