All Your Code Belongs to Us - Dismantling Android Secrets With CodeInspect

Explore the intricacies of Android security and reverse engineering in this 49-minute conference talk from GOTO Copenhagen 2015. Delve into the world of sophisticated Android malware, including "sleeper" applications that evade dynamic analysis techniques. Learn about CodeInspect, a tool for dismantling Android secrets, and discover protection methods against reverse engineering. Examine the architecture of malware, the process of importing APKs, and the analysis of resources and permissions. Investigate debugging techniques, SMS receiving vulnerabilities, and the implications of copyright laws in app development. Gain insights into open-source projects, backend systems, string encryption methods, and the commercialization of Android applications. Presented by Steven Arzt, maintainer of Soot and FlowDroid open-source projects and researcher at TU Darmstadt, this talk offers a comprehensive look at Android security challenges and solutions.

Intro
The Play Store Model
Pirated Apps
CodeInspect
Protection Against Reverse Engineering
Architecture
Malware
Import APK
Resources
Permissions
MainActivity
Debugging
SMS Receiving
Copyright Laws
Open Source
Backend
String Encryption
Source Mode
Commercialization