YoVDO

You Won't Even Know It's Recording You

Offered By: Security BSides London via YouTube

Tags

Security BSides Courses Security Research Courses

Course Description

Overview

Explore the world of third-party app analytics tools and their impact on user privacy in this eye-opening Security BSides London talk. Delve into the growing trend of app developers utilizing analytics SDKs like GlassBox, AppSee, Testfairy, and UXCam to gain insights into user behavior, crashes, and bugs. Examine the privacy concerns surrounding 'Session Replay' technology, which can record sensitive information such as login credentials and financial data. Learn about in-depth analyses of popular apps, uncovering various methods used to record user screens and sessions on both iOS and Android platforms. Discover static and dynamic techniques for identifying Session Replay capabilities in apps, and understand advanced device fingerprinting methods employed at hardware, OS, and application levels. Gain valuable insights into how app developers and third-party analytics services can potentially profile and attribute users by correlating this information with user identities.

Syllabus

Introduction
Session Replay
User Expectations
Air Canada Incident
SDKs


Taught by

Security BSides London

Related Courses

Harmonicas and Communication Skills
YouTube
Opening the Door to InfoSec
YouTube
Everything I Need to Know About Infosec I Learned from Gambling - Cliff Smith
YouTube
The State of Security - BSides
YouTube
Your Users Passwords Are Already Stolen
YouTube