Keep it Like a Secret - When Android Apps Contain Private Keys
Offered By: Security BSides San Francisco via YouTube
Course Description
Overview
Explore the critical issue of private key exposure in Android applications through this eye-opening conference talk. Discover how Will Dormann processed over 1 million Google Play Store apps to uncover thousands of improperly secured private keys. Learn about the various types of exposed keys, including PGP, SSH, OpenVPN, app signing keys for both Android and iOS, and HTTPS web server keys. Gain insights into password cracking techniques used to access protected private keys and understand the potential security implications of these exposures. Delve into the reasons behind this widespread problem, whether due to inappropriate design or accidental inclusion, and consider the importance of proper key management in mobile app development.
Syllabus
BSidesSF 2018 - Keep it Like a Secret: When Android Apps Contain Private Keys (Will Dormann)
Taught by
Security BSides San Francisco
Related Courses
Early Detection through DeceptionYouTube Hack for Show, Report for Dough - Brian King
YouTube Blue Teamin on a Budget of Zero - Kyle Bubp
YouTube Windows Event Logs - Zero to Hero
YouTube Weaponizing Splunk - Using Blue Team Tools for Evil
YouTube