You Won't Even Know It's Recording You
Offered By: Security BSides London via YouTube
Course Description
Overview
Explore the world of third-party app analytics tools and their impact on user privacy in this eye-opening Security BSides London talk. Delve into the growing trend of app developers utilizing analytics SDKs like GlassBox, AppSee, Testfairy, and UXCam to gain insights into user behavior, crashes, and bugs. Examine the privacy concerns surrounding 'Session Replay' technology, which can record sensitive information such as login credentials and financial data. Learn about in-depth analyses of popular apps, uncovering various methods used to record user screens and sessions on both iOS and Android platforms. Discover static and dynamic techniques for identifying Session Replay capabilities in apps, and understand advanced device fingerprinting methods employed at hardware, OS, and application levels. Gain valuable insights into how app developers and third-party analytics services can potentially profile and attribute users by correlating this information with user identities.
Syllabus
Introduction
Session Replay
User Expectations
Air Canada Incident
SDKs
Taught by
Security BSides London
Related Courses
Harmonicas and Communication SkillsYouTube Opening the Door to InfoSec
YouTube Everything I Need to Know About Infosec I Learned from Gambling - Cliff Smith
YouTube The State of Security - BSides
YouTube Your Users Passwords Are Already Stolen
YouTube