Day two of Droidcon UK has ended, thus concluding this year's conference and preparing everyone for this upcoming droidcon2gether weekend! One of this weekend's challenges is organized by our very own Jeremy Meiss, and the challenge is to build an Xposed Module that fundamentally changes the user interaction in an app, system or user. We checked out some more talks again today, including a talk about common poor coding patterns, Bluetooth Low Energy Mode (BLE), and a talk about hacking Android applications to steal user data and record them unknowingly (and how to stop it). We also interviewed more attendees at the conference, the videos of which will be uploaded to YouTube over the common days on the XDA-Developers YouTube channel.
"Common Poor Coding Patterns and How to Avoid Them" at Droidcon UK
A topic aimed at beginners to programming, Alice Yuan goes over the simple "do's and dont's" of programming as a beginner. She went through the worst practices, how to better write your own code, and the methods to test your programs to make sure they work. She also gave an example of bad code, solutions to certain poor coding and then a final, well-programmed solution. You can check out her GitHub repository here.
"Bluetooth Low Energy on Android" at Droidcon UK
A talk aimed more at developers, Stuart Kent spoke about the various nuances of developing for Bluetooth Low Energy Mode on Android and gave some context to what it actually is. We learned about the strange parts of Bluetooth, including that you need a to use certain features you need to request the COARSE_LOCATION feature, as technically it could be possible to gain information about the user's whereabouts if they pinged enough nearby Bluetooth devices.
"Hacking Android: A Hacker's Perspective" at Droidcon UK
"Worrying is like a rocking chair: it gives you something to do but never gets you anywhere". This was how the talk opened, setting the tone for the remainder of the 45 minutes. Devices are insecure, people will worry, but that achieves absolutely nothing. There are plenty of malicious applications on the Google Play Store for example, and then all of the other exploits listed below.
- Stagefright
- DirtyCOW
- Broadpwn
- Cloak and Dagger
An extremely interesting talk, we learned about the various exploits within Android over the years. These have all been detrimental to security, however, one of the simpler methods of attack was shown through backdooring an application. This let Chris record your microphone or camera without ever showing it to the end user, simply through the Netflix application and then the Facebook application. You can check out his GitHub and how he does it here!
Droidcon UK Day 2
So that's all! Keep an eye on our YouTube Channel for video recaps and the many interviews we did over the day, and we'll see you guys at this droidcon2gether weekend and at next year's Droidcon!
from xda-developers http://ift.tt/2iJ9nqL
via IFTTT
No comments:
Post a Comment