WEBVTT 1 00:00:00.000 --> 00:00:02.080 All right, let's dive in. Today. We're taking a deep 2 00:00:02.200 --> 00:00:04.080 dive into mobile app security. 3 00:00:04.320 --> 00:00:05.799 Ooh sounds interesting. 4 00:00:06.160 --> 00:00:09.720 Yeah, specifically for Android and iOS devices. You know, keeping 5 00:00:09.759 --> 00:00:11.640 all that sensitive info on our phone. 6 00:00:11.480 --> 00:00:14.640 Safe very important these days, right, And I've. 7 00:00:14.519 --> 00:00:18.079 Been looking through these guides and technical documents. We have, oh. 8 00:00:17.719 --> 00:00:19.960 Wow, some serious stuff it is. 9 00:00:20.000 --> 00:00:22.760 I even came across a security testing tool called drozer 10 00:00:23.239 --> 00:00:23.839 for Android. 11 00:00:24.039 --> 00:00:24.679 Drozer. 12 00:00:24.879 --> 00:00:26.600 Yeah sounds pretty intense, right, it. 13 00:00:26.519 --> 00:00:29.440 Does definitely need an expert to break all that down. 14 00:00:29.440 --> 00:00:33.119 Well, that's why you're here. So from this mountain of info, 15 00:00:33.359 --> 00:00:36.039 what's the biggest thing our listeners should know about mobile 16 00:00:36.039 --> 00:00:37.359 app security? Hmmmm? 17 00:00:37.840 --> 00:00:40.759 The biggest thing, Well, I'd say it's that security isn't 18 00:00:40.799 --> 00:00:41.679 just a one time thing. 19 00:00:41.719 --> 00:00:43.479 Okay, not a set it and forget it kind of 20 00:00:43.479 --> 00:00:44.320 deal exactly. 21 00:00:44.399 --> 00:00:48.119 It's more like building a house, you know. I like 22 00:00:48.159 --> 00:00:51.000 that you need a strong foundation, and then you got 23 00:00:51.039 --> 00:00:53.840 to keep building those walls making sure everything inside is protected. 24 00:00:54.159 --> 00:00:57.000 So like, what are the foundation and walls when it 25 00:00:57.039 --> 00:00:57.399 comes to. 26 00:00:57.359 --> 00:01:00.920 Our phones, Well, the operating systems Android iOS, those are 27 00:01:00.960 --> 00:01:02.759 your foundation, makes sense. 28 00:01:02.600 --> 00:01:05.680 They have built in security features. But then you need 29 00:01:05.920 --> 00:01:10.319 strong walls, like strong passwords being careful about which apps 30 00:01:10.359 --> 00:01:11.760 get what permissions right. 31 00:01:11.920 --> 00:01:13.719 Those permissions can be tricky. 32 00:01:13.480 --> 00:01:16.599 And understanding how apps use your data that's important too. 33 00:01:16.840 --> 00:01:19.640 It's easy to forget our phones are mini computers packed 34 00:01:19.640 --> 00:01:21.680 with sensitive information exactly. 35 00:01:21.840 --> 00:01:24.519 Yeah, and that's why knowing the strengths and weaknesses of 36 00:01:24.560 --> 00:01:29.040 each platform is crucial. So let's start with Android. Android 37 00:01:29.280 --> 00:01:32.079 it's open source nature. It's great for customization. 38 00:01:32.319 --> 00:01:33.959 Yeah, you can really personalize it. 39 00:01:34.040 --> 00:01:37.319 But that flexibility well, can also create vulnerabilities. 40 00:01:37.439 --> 00:01:39.920 So it's like hmm, having a house with lots of 41 00:01:39.920 --> 00:01:42.680 doors and windows, more ways to come and go, but 42 00:01:42.760 --> 00:01:45.159 also more entry points for trouble. 43 00:01:45.359 --> 00:01:48.159 That's a good way to visualize it. Take rooting for example. 44 00:01:48.319 --> 00:01:51.079 Rooting it gives you complete control of your Android device. 45 00:01:51.200 --> 00:01:55.519 Sounds powerful it is, but it also removes safety barriers 46 00:01:55.519 --> 00:01:57.439 that protect against malicious apps. 47 00:01:57.959 --> 00:02:01.480 So even though Android has sandboxing to isolate apps, rooting 48 00:02:01.519 --> 00:02:02.799 bypasses that exactly. 49 00:02:02.879 --> 00:02:05.079 It's a trade off. And then there's how Android apps 50 00:02:05.120 --> 00:02:05.799 talk to each other. 51 00:02:06.000 --> 00:02:09.560 They talk to each other, yeah, through something called interprocess 52 00:02:09.599 --> 00:02:11.280 communication or IPC. 53 00:02:11.520 --> 00:02:15.199 IPC like a secret language. You could say that they 54 00:02:15.280 --> 00:02:17.520 use it to share data and resources. But if it's 55 00:02:17.560 --> 00:02:21.120 not implemented correctly, well, it creates vulnerabilities hackers can exploit. 56 00:02:21.400 --> 00:02:25.439 Wow, I had no idea. So how do Android developers 57 00:02:25.479 --> 00:02:28.360 make sure their apps are secure with all these potential risks? 58 00:02:28.560 --> 00:02:31.479 Security testing is key. There are tools like Drozer. 59 00:02:31.759 --> 00:02:35.199 Ah, Drozer are intense friend right. 60 00:02:35.599 --> 00:02:39.439 It simulates attacks to find vulnerabilities before the bad guys 61 00:02:39.439 --> 00:02:40.159 can exploit them. 62 00:02:40.240 --> 00:02:42.560 So Drozer is like a security guard patrolling the app 63 00:02:42.599 --> 00:02:44.960 for weak points. What kind of things does it find? 64 00:02:45.039 --> 00:02:48.520 All sorts of things like insecure data storage? 65 00:02:48.719 --> 00:02:50.439 In secure data storage. 66 00:02:50.520 --> 00:02:53.319 Yeah, like if an app is storing passwords and plaintext, 67 00:02:53.400 --> 00:02:54.639 that's a huge red flag. 68 00:02:54.759 --> 00:02:57.000 Makes sense, like leaving your house keys under the mat. 69 00:02:57.039 --> 00:03:01.400 Exactly and beyond Rozer. Understanding Android pro missions is vitle. 70 00:03:01.280 --> 00:03:03.639 Right those pop ups asking if an app can access 71 00:03:03.639 --> 00:03:04.719 your camera or location? 72 00:03:05.000 --> 00:03:07.840 Yes, but just because an app asks doesn't mean you 73 00:03:07.879 --> 00:03:08.520 have to say yes. 74 00:03:08.639 --> 00:03:13.960 Good point. Always think does this app really need this access? 75 00:03:14.080 --> 00:03:16.599 Like does a flashlight app need access to my contacts? 76 00:03:16.919 --> 00:03:21.960 Probably not exactly, be mindful. So we've talked about Android's 77 00:03:21.960 --> 00:03:27.599 potential issues, but what about iOS? Apples known for its security, right, absolutely, 78 00:03:27.840 --> 00:03:31.719 iOS takes a much more locked down approach, very controlled. 79 00:03:31.840 --> 00:03:34.719 So fewer doors and Windows tougher security checks. 80 00:03:34.800 --> 00:03:38.360 Exactly. Apple vets apps before they're allowed in the App Store. 81 00:03:38.400 --> 00:03:41.479 They use code signing. Code sign it ensures the app 82 00:03:41.520 --> 00:03:45.039 hasn't been tampered with. Plus they have strict sandboxing to 83 00:03:45.159 --> 00:03:46.599 limit what apps can access. 84 00:03:46.759 --> 00:03:49.159 So Apple's like a super strict bouncer at a club. 85 00:03:49.240 --> 00:03:51.759 Huh haha. That's one way to put it. But even 86 00:03:51.800 --> 00:03:54.199 with these safeguards, no system is perfect, right. 87 00:03:54.240 --> 00:03:55.759 There are always ways around things. 88 00:03:55.639 --> 00:03:56.560 Like jail braking. 89 00:03:56.800 --> 00:03:58.000 Jail braking I've heard of that. 90 00:03:58.039 --> 00:04:02.439 It's like rooting on Android. Remove restrictions but also increases risk. 91 00:04:02.639 --> 00:04:05.199 So you're picking the lock on that high security building, 92 00:04:05.280 --> 00:04:08.560 gaining freedom, but also compromising the system exactly. 93 00:04:08.800 --> 00:04:11.479 And developers they need to be just as careful about 94 00:04:11.520 --> 00:04:13.639 security on iOS as they are an Android. 95 00:04:13.919 --> 00:04:17.600 So no matter the platform, there are common security slip ups, 96 00:04:18.079 --> 00:04:19.639 even for well meaning developers. 97 00:04:19.759 --> 00:04:23.879 Definitely. One big one is improper platform usage. 98 00:04:24.120 --> 00:04:26.360 Improper platform usage, Yeah. 99 00:04:26.120 --> 00:04:29.720 It could be misusing platform features or failing to do 100 00:04:29.800 --> 00:04:34.399 things like certificate validation when talking to servers. 101 00:04:34.399 --> 00:04:36.240 Certificate validation was that it's like. 102 00:04:36.279 --> 00:04:38.800 Checking someone's ID before you let them in your house. 103 00:04:39.279 --> 00:04:41.839 When an app connects to a server, it should verify 104 00:04:41.879 --> 00:04:43.920 that server's digital certificate to. 105 00:04:43.879 --> 00:04:46.480 Make sure it's legit and not some imposter trying to 106 00:04:46.519 --> 00:04:48.279 steal data exactly. 107 00:04:48.439 --> 00:04:53.680 And another common issue is insecure authentication and authorization. 108 00:04:53.480 --> 00:04:55.959 So weak passwords or leaky user sessions. 109 00:04:56.079 --> 00:04:58.839 Yeah, developers need to build strong log in systems and 110 00:04:58.839 --> 00:05:01.680 make sure user data is left vulnerable absolutely. 111 00:05:01.839 --> 00:05:04.600 And then there's well just plain old bad code. 112 00:05:04.720 --> 00:05:07.959 Ah. Yes, code quality is crucial. Poorly written code can 113 00:05:08.000 --> 00:05:09.279 lead to reverse engineering. 114 00:05:09.399 --> 00:05:12.000 Reverse engineering like taking part a clock to see how. 115 00:05:11.879 --> 00:05:15.519 It works exactly. Hackers do this to find vulnerabilities. 116 00:05:14.879 --> 00:05:17.839 So they're looking for weaknesses they can exploit, like finding 117 00:05:17.920 --> 00:05:19.839 a flaw in a building's designed to break in. 118 00:05:20.079 --> 00:05:23.040 You got it. Developers need to make their code tough 119 00:05:23.079 --> 00:05:24.120 to reverse engineer. 120 00:05:24.279 --> 00:05:25.079 How do they do that? 121 00:05:25.319 --> 00:05:29.399 They can use obduscation, which scrambles the code, makes it 122 00:05:29.480 --> 00:05:29.879 hard to. 123 00:05:29.879 --> 00:05:31.680 Understand, like a secret code. 124 00:05:31.759 --> 00:05:35.240 And this brings us back to static and dynamic analysis. 125 00:05:35.240 --> 00:05:39.240 In security testing, developers need to examine their code a 126 00:05:39.439 --> 00:05:43.279 and d observe how the app behaves in a safe environment. 127 00:05:43.079 --> 00:05:45.879 So checking the blueprints, andy doing a test. 128 00:05:45.759 --> 00:05:49.399 Run precisely, you got to catch those vulnerabilities from all angles. 129 00:05:49.639 --> 00:05:52.360 Wow, mobile app security is more complex than I thought. 130 00:05:53.000 --> 00:05:55.519 What surprised you the most while going through all this material? 131 00:05:55.839 --> 00:05:57.600 You know, what really stood out to me was the 132 00:05:57.639 --> 00:05:59.959 complexity of iOS data protection. 133 00:06:00.279 --> 00:06:02.160 iOS data protection, Yeah. 134 00:06:01.959 --> 00:06:05.040 It's not just about encryption. It's about different layers of 135 00:06:05.079 --> 00:06:08.040 protection for different types of data, even if your device 136 00:06:08.079 --> 00:06:09.439 gets lost, So like. 137 00:06:09.439 --> 00:06:12.639 Having multiple locks on different rooms in your house, depending 138 00:06:12.639 --> 00:06:14.920 on how valuable the stuff inside is exactly. 139 00:06:15.000 --> 00:06:16.680 Apple really put a lot of thought into that. 140 00:06:16.720 --> 00:06:20.199 It's impressive, it is. So with everything we've learned, what's 141 00:06:20.240 --> 00:06:23.279 one thing our listeners should do right now to improve 142 00:06:23.319 --> 00:06:24.000 their security? 143 00:06:24.199 --> 00:06:27.279 Hmm, I'd say go check the permissions you've given your apps. 144 00:06:27.560 --> 00:06:30.959 Are those apps actually using those permissions or are they 145 00:06:31.000 --> 00:06:33.199 just sitting there potentially exploitable. 146 00:06:33.680 --> 00:06:35.759 That's a great point. I'm definitely gonna be checking mine 147 00:06:35.800 --> 00:06:36.120 after this. 148 00:06:36.319 --> 00:06:39.759 You should. It's easy to just tap allow without thinking, 149 00:06:40.120 --> 00:06:41.560 but those permissions are powerful. 150 00:06:41.759 --> 00:06:46.879 So we've covered Android permissions, iOS data protection, But there's 151 00:06:46.879 --> 00:06:51.439 one big topic we haven't really explored. Jail breaking and rooting. 152 00:06:52.560 --> 00:06:56.279 Yes, the realm, where users take full control for better 153 00:06:56.360 --> 00:06:56.720 or worse. 154 00:06:56.839 --> 00:06:58.920 That sounds like a whole other deep dive, potentially a 155 00:06:58.959 --> 00:06:59.560 dangerous one. 156 00:06:59.600 --> 00:07:01.319 It definitely deserves its own conversation. 157 00:07:01.560 --> 00:07:02.920 Sounds like we'll be back for part two. 158 00:07:03.000 --> 00:07:04.879 Then I'd say that's a safe bet. 159 00:07:04.759 --> 00:07:06.759 Until end listeners stay secure. 160 00:07:08.240 --> 00:07:10.920 Welcome back to the deep dive. Last time, we were 161 00:07:10.920 --> 00:07:13.759 talking about the basics of mobile app security, you know, 162 00:07:13.839 --> 00:07:16.240 exploring the ins and outs of Android and iOS. 163 00:07:16.399 --> 00:07:19.800 Yeah, we got pretty deep into the foundations. 164 00:07:19.160 --> 00:07:21.759 We did, but we looking off on that cliffhanger jail 165 00:07:21.800 --> 00:07:22.639 breaking and routing. 166 00:07:22.839 --> 00:07:26.399 Ah, yes, where users kind of break free from those 167 00:07:26.519 --> 00:07:29.319 Apple and Google restrictions. Yeah right, And I got admit, 168 00:07:29.360 --> 00:07:32.000 I'm a little confused. It seems like wanting more control 169 00:07:32.160 --> 00:07:35.519 but also maybe making your device less secure. 170 00:07:35.959 --> 00:07:38.920 It is a trade off, that's for sure. So first 171 00:07:38.920 --> 00:07:41.079 things first, what do those processes even mean? 172 00:07:41.879 --> 00:07:43.399 Okay, back to basics. 173 00:07:43.160 --> 00:07:47.079 Jail breaking on iOS and rooting on Android. They both 174 00:07:47.120 --> 00:07:51.160 involve well, exploiting vulnerabilities in the operating system. 175 00:07:51.360 --> 00:07:55.680 Exploiting vulnerabilities sounds a bit risky. To gain root access, 176 00:07:55.800 --> 00:07:59.399 rude access. Okay, that sounds powerful but also kind of scary. 177 00:07:59.600 --> 00:08:01.519 Yeah, it's the highest level of privilege you can have 178 00:08:01.560 --> 00:08:04.079 on your device. Think of it like having the master 179 00:08:04.240 --> 00:08:07.079 key that unlocks every single door in a building. 180 00:08:07.399 --> 00:08:09.560 Whoa, Okay, now I get the power part right. 181 00:08:09.360 --> 00:08:11.279 So what can you actually de with that power? 182 00:08:11.399 --> 00:08:12.319 Yeah? What's the point? 183 00:08:12.439 --> 00:08:16.759 Well, you can bypass app store restrictions install apps from anywhere. 184 00:08:16.480 --> 00:08:18.920 You want, so no more Apple or Google saying what 185 00:08:19.000 --> 00:08:20.680 I can and can't download exactly. 186 00:08:20.759 --> 00:08:23.120 You can customize the look and feel of your device 187 00:08:23.199 --> 00:08:23.639 way more. 188 00:08:23.759 --> 00:08:25.360 Ooh, I like customization, and. 189 00:08:25.360 --> 00:08:27.480 You can even tweak how the system itself works, like 190 00:08:27.519 --> 00:08:29.519 battery management or network settings. 191 00:08:29.759 --> 00:08:31.759 So you're basically taking off the training wheels and saying 192 00:08:31.800 --> 00:08:34.000 I'm in control now. Uh huh. 193 00:08:34.120 --> 00:08:36.759 Yeah, that's a good way to put it. But remember 194 00:08:36.799 --> 00:08:40.080 taking off those training wheels also removes some of the safety. 195 00:08:39.679 --> 00:08:42.000 Measures, right the trade off? So what are the risks 196 00:08:42.879 --> 00:08:44.720 like specifically. 197 00:08:44.120 --> 00:08:47.440 Well, one big one is malware. You're opening yourself up 198 00:08:47.480 --> 00:08:51.440 to apps from well less reputable sources, makes sense. 199 00:08:51.440 --> 00:08:53.799 If you're not getting apps from the official stores, who 200 00:08:53.879 --> 00:08:55.600 knows what you're downloading. 201 00:08:55.320 --> 00:08:57.720 Right, and those apps might not have gone through any 202 00:08:57.720 --> 00:09:01.080 security checks. You could end up with anything from annoying 203 00:09:01.159 --> 00:09:05.080 adwear to nasty spyware stealing your data. 204 00:09:05.399 --> 00:09:07.279 Yikes. Okay, that's definitely a. 205 00:09:07.320 --> 00:09:10.200 Risk, and jail breaking or rooting can also make your 206 00:09:10.240 --> 00:09:13.879 device more vulnerable to data breaches. Remember all those security 207 00:09:13.919 --> 00:09:17.720 mechanisms we talked about before, sandboxing, code signing. 208 00:09:17.480 --> 00:09:18.639 Yeah, those sounded pretty important. 209 00:09:18.720 --> 00:09:22.200 Well, those safeguards are basically weakened, sometimes even totally bypassed 210 00:09:22.279 --> 00:09:23.840 when you have root access. 211 00:09:23.919 --> 00:09:27.320 So it's like a disabling the alarm system on your house. Yeah, 212 00:09:27.480 --> 00:09:30.440 makes things easier, but also leaves you wide open to burglars. 213 00:09:30.879 --> 00:09:34.240 Exactly. An attacker if they get root access, they can 214 00:09:34.279 --> 00:09:39.320 potentially see everything on your device, passwords, financial info, photos, 215 00:09:39.519 --> 00:09:40.279 the whole shebang. 216 00:09:40.600 --> 00:09:44.080 Okay, I am officially rethinking those jail break your iPhone 217 00:09:44.120 --> 00:09:45.159 videos I've seen online. 218 00:09:45.240 --> 00:09:48.240 Aha, good call, But to be fair, some people do 219 00:09:48.559 --> 00:09:51.000 jail break or root their phones for privacy reasons. 220 00:09:51.039 --> 00:09:52.360 Oh really, how does that work? 221 00:09:52.679 --> 00:09:56.120 There are some privacy focused apps and tweaks you can 222 00:09:56.159 --> 00:09:58.559 only get on a jail broken or rooted device. 223 00:09:59.279 --> 00:10:02.480 So like blocking trackers or having more control over those 224 00:10:02.519 --> 00:10:03.759 app permissions we talked. 225 00:10:03.600 --> 00:10:06.399 About, exactly, it's like building a higher fence around your 226 00:10:06.440 --> 00:10:08.320 property to keep those prying eyes out. 227 00:10:08.399 --> 00:10:11.600 Okay, I see the appeal, but those fences can have 228 00:10:11.600 --> 00:10:14.480 weak spots, right, given all those other risks, you got it. 229 00:10:14.480 --> 00:10:16.720 It's all about weighing the benefits against the risks. And 230 00:10:16.759 --> 00:10:18.759 if you do decide to go down that road, you 231 00:10:18.840 --> 00:10:21.159 got to be extra vigilant about security. 232 00:10:21.240 --> 00:10:24.159 Okay, good advice. So let's say someone's already jail broken 233 00:10:24.320 --> 00:10:27.799 or rooted their device. What can they do to stay safe? 234 00:10:27.960 --> 00:10:31.000 Well, first and foremost, be super careful about the apps 235 00:10:31.000 --> 00:10:34.480 you install. Stick to trusted developers and sources. 236 00:10:34.320 --> 00:10:36.799 So do your research, read reviews, that sort. 237 00:10:36.600 --> 00:10:40.759 Of thing, exactly. Remember, an app can look harmless but 238 00:10:40.840 --> 00:10:43.159 actually be full of malicious code. 239 00:10:43.519 --> 00:10:46.159 So it's like being careful about what you eat from 240 00:10:46.200 --> 00:10:47.960 a street vendor. You want to go to the one 241 00:10:48.000 --> 00:10:50.600 with a good reputation, not the one that might give 242 00:10:50.600 --> 00:10:51.519 you food poisoning. 243 00:10:51.879 --> 00:10:55.159 Perfect analogy. And just like you wouldn't eat expired food, 244 00:10:55.559 --> 00:10:57.840 keep your device and all your apps up to date 245 00:10:57.840 --> 00:10:59.360 with the latest security patches. 246 00:11:00.000 --> 00:11:02.679 Even if I'm being careful about what I install, new 247 00:11:02.759 --> 00:11:05.200 vulnerabilities pop up all the time. 248 00:11:05.039 --> 00:11:07.720 All the time. Those patches are like fixing those weak 249 00:11:07.759 --> 00:11:09.600 spots in your fence as soon as they appear. 250 00:11:09.720 --> 00:11:11.679 Okay, So it's not just a one time thing, it's 251 00:11:11.679 --> 00:11:13.600 an ongoing process exactly. 252 00:11:13.879 --> 00:11:18.440 And of course, strong unique passwords are crucial especially on 253 00:11:18.480 --> 00:11:21.799 a jail broken or rooted device, and turn on two 254 00:11:21.879 --> 00:11:23.799 factor authentication everywhere you can. 255 00:11:23.960 --> 00:11:26.000 Two factor authentication. That's why they send you a code 256 00:11:26.000 --> 00:11:26.919 to your phone or email. 257 00:11:27.039 --> 00:11:30.000 Right, yep, adds an extra layer of security it And. 258 00:11:29.960 --> 00:11:31.279 What about those app permissions? 259 00:11:31.679 --> 00:11:35.360 Still super important? Be picky about what you allow. Remember 260 00:11:35.480 --> 00:11:38.720 you're giving those apps keys to your house. Don't give 261 00:11:38.799 --> 00:11:40.240 keys to someone you don't trust. 262 00:11:40.720 --> 00:11:45.039 Good point. Even with apps ideo trust I should limit 263 00:11:45.080 --> 00:11:47.679 their access to only what they absolutely need. 264 00:11:48.039 --> 00:11:50.399 Right. The less access they have, the less damage they 265 00:11:50.399 --> 00:11:52.279 can do if something goes wrong. 266 00:11:52.559 --> 00:11:54.679 Okay, this is all making a lot more sense now, 267 00:11:55.120 --> 00:11:57.720 But we've talked a lot about apps, operating systems all that. 268 00:11:58.240 --> 00:12:01.799 What about the network itself? Our phones are always connecting 269 00:12:01.799 --> 00:12:02.279 to something. 270 00:12:02.440 --> 00:12:07.639 Ah, yes, the network. Secure network communication is super important, 271 00:12:07.919 --> 00:12:10.799 especially when you're using public Wi Fi or sending sensitive 272 00:12:10.840 --> 00:12:12.159 information because. 273 00:12:11.840 --> 00:12:14.039 Public Wi Fi is like having a conversation in a 274 00:12:14.039 --> 00:12:14.919 crowded room. 275 00:12:15.039 --> 00:12:17.960 Anyone could be listening exactly, So how do we make 276 00:12:18.000 --> 00:12:21.600 sure those conversations stay private? Well, that's where HDTPS comes in. 277 00:12:21.879 --> 00:12:24.320 HTTPS. I've seen that little s at the end of 278 00:12:24.360 --> 00:12:26.480 website addresses, But what does it actually do? 279 00:12:27.159 --> 00:12:29.600 It encrypts. The data that's being sent between your device 280 00:12:29.600 --> 00:12:31.679 and the website server encrypts. 281 00:12:31.480 --> 00:12:34.679 So like making it unreadable to anyone who's trying to snoop. 282 00:12:34.919 --> 00:12:38.039 Precisely, it's like sending a secret message into code that 283 00:12:38.200 --> 00:12:40.320 only the intended recipient can decipher. 284 00:12:40.399 --> 00:12:42.759 Okay, that makes sense, But how do I know if 285 00:12:42.799 --> 00:12:45.279 a website is using HTTPS? 286 00:12:45.639 --> 00:12:48.759 Look for that HTTPS at the beginning of the web address, 287 00:12:49.000 --> 00:12:51.320 and also keep an eye out for a little padlock 288 00:12:51.639 --> 00:12:53.600 icon in your browser's address bar. 289 00:12:53.759 --> 00:12:56.440 Oh right, I've seen that padlock before. So those are 290 00:12:56.480 --> 00:13:00.159 like a seal of approval saying this connection is secure exactly. 291 00:13:00.440 --> 00:13:02.799 And when you're using apps, pay close attention to any 292 00:13:02.799 --> 00:13:04.600 security warnings or messages that. 293 00:13:04.519 --> 00:13:06.840 Pop up, because those are usually trying to tell me 294 00:13:06.879 --> 00:13:09.440 something important, like if an app is trying to connect 295 00:13:09.440 --> 00:13:10.240 to a shady server. 296 00:13:10.279 --> 00:13:13.000 You got it. It's always better to be safe than sorry. 297 00:13:13.159 --> 00:13:17.399 Avoid sending sensitive info over unsecured connections whenever possible. 298 00:13:17.559 --> 00:13:20.679 Okay, I'm definitely going to be more mindful of HTTPS 299 00:13:20.679 --> 00:13:22.120 and those warnings from now on. Good. 300 00:13:22.240 --> 00:13:24.519 It's all about those little things adding up to a 301 00:13:24.559 --> 00:13:25.759 more secure experience. 302 00:13:26.039 --> 00:13:29.320 Definitely. This whole deep dive has really been eye opening. 303 00:13:29.320 --> 00:13:32.360 There are so many layers to security there are. 304 00:13:32.639 --> 00:13:35.519 It's not just one thing. It's about understanding all the 305 00:13:35.559 --> 00:13:38.759 different pieces and how they work together to keep your data. 306 00:13:38.519 --> 00:13:45.279 Safe, secure, communication, operating systems, apps, user behavior, the device itself. 307 00:13:46.039 --> 00:13:48.759 Anything we missed hmmm, well. 308 00:13:48.600 --> 00:13:50.559 We touched on it briefly, but we could probably dive 309 00:13:50.600 --> 00:13:52.240 a little deeper into reverse engineering. 310 00:13:52.519 --> 00:13:55.039 Oh yeah, you mentioned that before. It's where someone tries 311 00:13:55.080 --> 00:13:57.480 to take apart an app to see how it works. Yeah, 312 00:13:57.519 --> 00:14:01.360 like taking apart a clock to see all the gears precisely. 313 00:14:01.559 --> 00:14:04.919 Now, that can be interesting for say a hobbyist, but 314 00:14:05.120 --> 00:14:06.600 how does it relate to security? 315 00:14:06.840 --> 00:14:07.879 Yeah, that's what I'm wondering. 316 00:14:08.039 --> 00:14:11.440 Well. While reverse engineering can be used for legitimate purposes 317 00:14:11.559 --> 00:14:14.759 like understanding a competitor's product, attackers can use it to 318 00:14:14.799 --> 00:14:15.879 find vulnerabilities. 319 00:14:16.120 --> 00:14:19.039 Ah, so they're basically looking for weaknesses in the app's 320 00:14:19.039 --> 00:14:20.240 code that they can exploit. 321 00:14:20.480 --> 00:14:24.240 Exactly by understanding how the app works internally, they can 322 00:14:24.279 --> 00:14:27.720 find those potential points of failure, those security flaws. 323 00:14:28.120 --> 00:14:31.039 It sounds pretty advanced. Do attackers actually do this with 324 00:14:31.159 --> 00:14:32.200 mobile apps. 325 00:14:32.480 --> 00:14:35.120 More often than you might think. It's a common tactic 326 00:14:35.120 --> 00:14:38.840 for finding vulnerabilities they can use to steal data bypass security, 327 00:14:38.960 --> 00:14:40.519 or even take control of a device. 328 00:14:40.919 --> 00:14:43.720 So it's like finding the blueprint to a building and 329 00:14:43.759 --> 00:14:45.960 then looking for weak spots in the design that you 330 00:14:46.000 --> 00:14:47.159 can exploit to break in. 331 00:14:47.399 --> 00:14:50.399 Exactly. Once they have that blueprint, they can start looking 332 00:14:50.399 --> 00:14:53.200 for ways to pick the locks, disable the alarms, find 333 00:14:53.240 --> 00:14:54.200 other ways to get in. 334 00:14:54.360 --> 00:14:57.200 Okay, this is getting a little creepy. Is there anything 335 00:14:57.240 --> 00:15:00.639 developers can do to protect their apps from this kind 336 00:15:00.639 --> 00:15:02.240 of reverse engineering? 337 00:15:02.440 --> 00:15:05.600 Absolutely? There are a bunch of techniques they can use 338 00:15:05.639 --> 00:15:08.799 to make it much harder for attackers to analyze their code, 339 00:15:09.039 --> 00:15:13.000 like what one common one is called code obfuscation. It's 340 00:15:13.039 --> 00:15:17.720 basically like scrambling that blueprint, making it way harder to understand, So. 341 00:15:17.679 --> 00:15:20.519 It's like writing a secret message in code that only 342 00:15:20.559 --> 00:15:23.360 the intended recipient can understand precisely. 343 00:15:23.879 --> 00:15:27.120 Obfuscation makes the code super complex and difficult to read. 344 00:15:27.639 --> 00:15:30.360 That can deter attackers or at least slow them down 345 00:15:30.360 --> 00:15:30.720 a lot. 346 00:15:30.799 --> 00:15:33.200 So it's not impossible to reverse engineer, but it makes 347 00:15:33.240 --> 00:15:36.360 it a lot harder. What else can developers do well? 348 00:15:36.440 --> 00:15:39.240 They can use anti debugging measures. Those make it tough 349 00:15:39.279 --> 00:15:42.440 for attackers to use specialized tools to analyze the app's 350 00:15:42.440 --> 00:15:43.240 code while. 351 00:15:43.000 --> 00:15:45.559 It's running, So it's like setting traps in a building 352 00:15:45.600 --> 00:15:47.360 to catch anyone who's trying to sneak in and. 353 00:15:47.279 --> 00:15:50.679 Study the layout exactly. And they can also use encryption 354 00:15:50.840 --> 00:15:54.120 to protect sensitive parts of the code, or even employ 355 00:15:54.240 --> 00:15:57.440 runtime integrity checks to see if the app's been tampered with. 356 00:15:57.919 --> 00:16:00.200 So it's like having multiple layers of security for. 357 00:16:00.159 --> 00:16:03.519 Your code exactly. It's all about making the app as 358 00:16:03.639 --> 00:16:08.000 difficult as possible to reverse engineer, protecting users and their data. 359 00:16:08.879 --> 00:16:11.360 This is fascinating. It's like a constant cat and mouse 360 00:16:11.399 --> 00:16:15.399 game between developers trying to build secure apps and attackers 361 00:16:15.440 --> 00:16:16.200 trying to break them. 362 00:16:16.440 --> 00:16:19.279 You got it. It's an ongoing challenge. Staying ahead of 363 00:16:19.320 --> 00:16:22.879 the curve requires vigilance and innovation from both sides. 364 00:16:22.639 --> 00:16:24.360 And users have a role to play too, right. 365 00:16:24.480 --> 00:16:27.039 Absolutely, users need to be aware of the risks, make 366 00:16:27.080 --> 00:16:30.000 smart choices about the apps they install, and practice good 367 00:16:30.039 --> 00:16:34.679 digital hygiene, strong passwords, being careful with permissions, all that 368 00:16:34.759 --> 00:16:35.919 good stuff, right. 369 00:16:35.759 --> 00:16:38.679 Because even the most secure app can be compromised if 370 00:16:38.679 --> 00:16:41.000 the user isn't careful or aware of the dangers. 371 00:16:41.120 --> 00:16:46.000 Exactly. It's a shared responsibility between developers, security pros and users. 372 00:16:46.399 --> 00:16:49.519 Well said, Okay, so we've covered a ton of ground 373 00:16:50.000 --> 00:16:56.480 secure communication, operating systems, apps, user behavior, reverse engineering. Anything 374 00:16:56.519 --> 00:16:59.080 we missed, anything else our listeners should know. 375 00:17:00.039 --> 00:17:02.679 Hm, Well, we've talked about security testing in general, but 376 00:17:02.720 --> 00:17:04.440 we haven't really dug into the specifics. 377 00:17:04.519 --> 00:17:08.279 Oh right, the actual tools and techniques that security professionals 378 00:17:08.359 --> 00:17:09.720 use to find vulnerabilities. 379 00:17:09.880 --> 00:17:11.680 Yeah, that's a whole other world. 380 00:17:11.599 --> 00:17:12.759 The world we need to explore. 381 00:17:12.799 --> 00:17:14.599 It sounds like definitely worth a deep dive. 382 00:17:14.759 --> 00:17:16.640 Well, sounds like we'll be back for part three. Then 383 00:17:16.799 --> 00:17:19.559 stay tuned, listeners. Oh all right, welcome back to the 384 00:17:19.599 --> 00:17:21.640 deep dive. We've been through a lot, haven't we. 385 00:17:21.640 --> 00:17:27.640 We have android iOS, jail breaking, rooting, even how attackers 386 00:17:27.680 --> 00:17:29.440 try to break into apps. 387 00:17:29.559 --> 00:17:32.400 It's been a wild ride. But now I'm really curious 388 00:17:32.400 --> 00:17:36.079 about how the good guys, the security experts, actually find 389 00:17:36.119 --> 00:17:38.160 those vulnerabilities before the bad guys do. 390 00:17:38.359 --> 00:17:41.440 Ah. Yes, it's like being a detective, you know, but 391 00:17:41.480 --> 00:17:44.119 instead of solving crimes, we're trying to prevent them. 392 00:17:44.440 --> 00:17:47.240 I like that mobile ab security detectives. So what kind 393 00:17:47.240 --> 00:17:50.200 of tools do these detectives use? What's in their arsenal? 394 00:17:50.440 --> 00:17:52.480 Well, we've got a lot of different approaches, but two 395 00:17:52.519 --> 00:17:56.200 of the most common are static analysis and dynamic analysis. 396 00:17:56.480 --> 00:17:58.799 Static and dynamic those sound familiar. 397 00:17:58.920 --> 00:18:01.680 Yeah, we touched on them briefly in Part one, remember. 398 00:18:01.359 --> 00:18:05.079 Right, right, But a little refresher wouldn't hurt. 399 00:18:05.240 --> 00:18:09.960 Sure. Static analysis is like h examining a blueprint before 400 00:18:10.000 --> 00:18:11.200 you actually build a house. 401 00:18:11.440 --> 00:18:12.319 Okay, I'm listening. 402 00:18:12.359 --> 00:18:15.640 We analyze the app source code without actually running it. 403 00:18:15.960 --> 00:18:19.200 We're looking for any weaknesses in the design, flaws that 404 00:18:19.240 --> 00:18:20.720 could cause problems later on. 405 00:18:20.960 --> 00:18:23.200 So it's like a code inspection, looking for anything that 406 00:18:23.240 --> 00:18:25.559 seems off or risky exactly. 407 00:18:25.640 --> 00:18:30.640 We're looking for things like, hmm, insecure coding practices, logical errors, 408 00:18:31.079 --> 00:18:33.240 you know, those kind of things that attackers could exploit. 409 00:18:33.400 --> 00:18:36.920 Okay, that makes sense. And dynamic analysis, how's that different? 410 00:18:37.240 --> 00:18:40.480 Dynamic analysis is more like observing the house after it's built, 411 00:18:40.880 --> 00:18:43.359 seeing how people are using it, looking for any signs 412 00:18:43.400 --> 00:18:43.920 of trouble. 413 00:18:44.039 --> 00:18:45.319 Okay, I see where you're going with this. 414 00:18:45.480 --> 00:18:47.960 We actually run the app in a controlled environment and 415 00:18:48.079 --> 00:18:52.200 monitor its behavior, looking for any suspicious activity, any signs 416 00:18:52.200 --> 00:18:53.160 of a security breach. 417 00:18:53.480 --> 00:18:56.319 So it's like stress testing the app, pushing it to 418 00:18:56.359 --> 00:18:58.440 its limits to see if anything breaks Haha. 419 00:18:58.680 --> 00:19:00.640 That's a great way to put it. We're looking for 420 00:19:00.680 --> 00:19:05.200 things like memory leaks, buffer overflows, vulnerabilities that might not 421 00:19:05.279 --> 00:19:07.680 be obvious just by looking at the code. 422 00:19:07.839 --> 00:19:10.839 So static is like checking the blueprints, dynamic is like 423 00:19:10.880 --> 00:19:12.319 watching the house in action. 424 00:19:12.519 --> 00:19:15.440 Exactly, and by combining both we get a much more 425 00:19:15.480 --> 00:19:18.799 complete picture of the apps. Security makes sense. 426 00:19:19.279 --> 00:19:22.240 Now are there specific tools you guys use for all this? 427 00:19:22.400 --> 00:19:25.599 Oh? Yeah, tons. Some are designed for specific platforms, some 428 00:19:25.640 --> 00:19:29.319 are more general purpose. You've got commercial tools, open source tools. 429 00:19:29.359 --> 00:19:30.359 It's a whole world. 430 00:19:30.720 --> 00:19:32.880 I bet can you give some examples, like what are 431 00:19:32.920 --> 00:19:34.039 these tools actually do? 432 00:19:34.640 --> 00:19:38.559 Sure? For static analysis, there are tools like Sonarcube and 433 00:19:38.680 --> 00:19:42.319 check marks. They scan the code for potential vulnerabilities, like. 434 00:19:42.240 --> 00:19:44.920 Those automated grammar checkers that find mistakes in your writing, 435 00:19:45.160 --> 00:19:45.759 kind of like that. 436 00:19:46.240 --> 00:19:51.039 They highlight things like SQL injection flaws, cross sites, scripting vulnerabilities, 437 00:19:51.359 --> 00:19:53.039 all those common security weaknesses. 438 00:19:53.079 --> 00:19:55.720 So they're like little robot code detectives sniffing out anything 439 00:19:55.759 --> 00:19:56.680 that looks suspicious. 440 00:19:56.920 --> 00:20:00.160 H huh exactly. They can analyze thousands of lines of 441 00:20:00.200 --> 00:20:04.000 code in minutes, finding stuff that human reviewers might miss. 442 00:20:04.119 --> 00:20:07.720 That's amazing. What about dynamic analysis tools? Any cool ones there. 443 00:20:07.799 --> 00:20:10.440 Oh, yeah, for sure. We use tools like burp Suite 444 00:20:10.839 --> 00:20:14.960 and oas bas t they act as proxies, basically intercepting 445 00:20:15.000 --> 00:20:16.559 traffic between the app and the server. 446 00:20:16.839 --> 00:20:20.119 Intercepting traffic like spying on the app's conversations. 447 00:20:20.240 --> 00:20:24.559 Huhuh kinda. We can analyze that communication look for anything fishy, so. 448 00:20:24.640 --> 00:20:27.960 Like if the app is leaking sensitive information exactly. 449 00:20:28.000 --> 00:20:32.839 We can test for insecure data transmission, authentication bypasses, you know, 450 00:20:32.920 --> 00:20:35.240 things that happen while the app is actually running. 451 00:20:35.440 --> 00:20:37.440 This is fascinating. It's like you guys have all these 452 00:20:37.440 --> 00:20:40.319 secret weapons to catch those hit or vulnerabilities, you. 453 00:20:40.240 --> 00:20:43.839 Could say that. And on top of static and dynamic analysis, 454 00:20:43.839 --> 00:20:47.119 we also use something called penetration testing or pen testing. 455 00:20:47.240 --> 00:20:49.720 Penetration testing. That sounds kind of scary. 456 00:20:49.480 --> 00:20:51.799 It is, but it's a good kind of scary. It's 457 00:20:51.839 --> 00:20:53.400 basically like ethical hacking. 458 00:20:53.440 --> 00:20:54.240 Ethical hacking. 459 00:20:54.319 --> 00:20:57.440 Yeah, so like hacking for good exactly. We try to 460 00:20:57.480 --> 00:21:00.319 attack the app like a real attacker would, use all 461 00:21:00.319 --> 00:21:03.000 the tools and techniques at our disposal to see if you. 462 00:21:02.920 --> 00:21:05.079 Can find any weaknesses that you might have missed with 463 00:21:05.119 --> 00:21:06.000 the other methods. 464 00:21:06.400 --> 00:21:10.839 Yep. We try to exploit known vulnerabilities, find new ones 465 00:21:11.240 --> 00:21:13.839 really put the apps security to the test, so. 466 00:21:13.799 --> 00:21:16.640 It's like a real world combat simulation, seeing how well 467 00:21:16.680 --> 00:21:19.440 the app holds up against a real attacker exactly. 468 00:21:19.599 --> 00:21:23.599 It's crucial for finding and fixing those vulnerabilities before the 469 00:21:23.640 --> 00:21:24.920 bad guys can exploit them. 470 00:21:25.000 --> 00:21:27.680 It sounds like pen testing is especially important these days 471 00:21:27.880 --> 00:21:30.000 with all the sophisticated cyber attacks happening. 472 00:21:30.039 --> 00:21:32.400 It is it helps keep users safe, which is what 473 00:21:32.440 --> 00:21:33.839 it's all about at the end of the day. 474 00:21:33.960 --> 00:21:37.319 Absolutely, wow, this has been a truly incredible deep dive. 475 00:21:37.359 --> 00:21:39.720 I'm really impressed by all the work that goes into 476 00:21:40.039 --> 00:21:41.359 keeping our apps secure. 477 00:21:41.759 --> 00:21:45.319 It's definitely a team effort, developers, security professionals, users, we 478 00:21:45.359 --> 00:21:46.359 all have a part to play. 479 00:21:46.440 --> 00:21:50.359 Well said, and to our listeners, stay vigilant, stay informed, 480 00:21:50.559 --> 00:21:51.799 and stay secure out there.