What's New in Android Security - Android Nougat and O Developer Preview

Explore the latest advancements in Android security at Google I/O '17. Dive into the enhanced protections implemented in Android Nougat and O Developer Preview, covering boot process verification, runtime component hardening, and improved data protection during transit. Learn how to leverage new security APIs, Google's security services, and best practices to safeguard user data and maintain app security. Discover app analysis at scale, machine learning applications, Find My Device feature, Verify Apps API, SafetyNet attestation, and reCAPTCHA for Android. Examine improvements in Verified Boot, encryption adoption, and secure lock screen acceptance. Gain insights on permissions best practices, ransomware prevention, privacy controls, and the updated permissions model for Instant Apps. Understand sandboxing, isolation techniques, SELinux effectiveness, and media stack hardening in Nougat. Explore kernel security enhancements, including attack surface reduction with seccomp. Delve into WebView security, device authentication, and Keystore key attestation. Access valuable developer resources to implement robust security measures in your Android applications.

Intro
App analysis at scale
Machine learning
Find My Device
Verify Apps API
SafetyNet attestation
reCAPTCHA for Android
Install unknown apps
Verified Boot
Encryption adoption
Secure lock screen adoption
Acceptance rate
Look for permissions best practices
Fighting ransomware
Privacy controls
Updated permissions model for Instant Apps
Sandboxing and isolation
SELinux effectiveness
Media stack hardening in Nougat
Killing 20+% media stack bugs
Treble case study: media stack
Kernel is the new target
What causes kernel bugs?
Kernel attack surface reduction with seccomp
Seccomp case study: Chrome
WebView security
WebView renderer in an isolated process
Safe Browsing in WebView
Device authentication
Keystore key attestation
Developer resources