Collin Mulliner

SafetyNet Attestation is the primary platform security service on Android. Until recently you had to use third party tools or implemented your own app integrity checks and device rooting checks. Today you can use Android's SafetyNet Attestation infrastructure to ensure the integrity of your application and the user's device. Unfortunately, SafetyNet Attestation is not well documented by Google. This talk is split into three parts. Part one provides a deep dive into SafetyNet Attestation how it works. Part two is a guide on how to implement and use it for real world applications. This is based on the lessons learned from implementing SafetyNet Attestation for an app with a large install base. The talk will provide you with everything you need to know about Android’s SafetyNet Attestation and will help you to implement and use it in your app. Part three presents attacks and bypasses against SafetyNet Attestation. The attack method targets not only SafetyNet but other similar approaches. New tools and techniques will be released at this talk.

As application security becomes more important on Android we need better tools to analyze and understand them. Android applications are written in Java and a run in the Dalvik VM. Until now most analysis is done via disassembling and monitored execution in an emulator. This talk presents a new technique to instrument Android applications executed in the DVM. The talk will introduce the new technique in great detail including many small examples and a whole attack based on it. We will go step by step to show you what can be achieved using this technique.

As application security becomes more important on Android we need better tools to analyze and understand them. Android applications are written in Java and a run in the Dalvik VM. Until now most analysis is done via disassembling and monitored execution in an emulator. This talk presents a new technique to instrument Android applications executed in the DVM. The talk will introduce the new technique in great detail including many small examples and a whole attack based on it. We will go step by step to show you what can be achieved using this technique. Outline: General Introduction Background Introduction to Android and Dalvik Applications Introduction to Dynamic Instrumentation Basics (Native Code) Introducing: Android DDI Details Tools Examples Real World Attack Example Conclusions Take Away: This talk is highly technical, you will learn about new techniques for analyzing and modifying Android applications. You will want to try out what you saw in this talk.