Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore a fascinating conference talk from the 38th Chaos Communication Congress (38C3) that delves into an accidental massive-scale investigation of Android native libraries. Learn how a simple scraping script error led to downloading native libraries from approximately 8 million Android applications across various markets, spawning an extensive research project into vulnerability assessment. Follow along as speakers Luca Di Bartolomeo and Rokhaya Fall share their journey through scraping challenges, IP-ban evasion techniques, binary similarity analysis methods, and their discoveries about the state of security patching in the Android ecosystem. Gain insights into the intersection of Play Store scraping, Androzoo data collection, Maven repository analysis, and the surprising revelations about how Android developers handle security updates for native dependencies. Understand the complexities of managing large-scale binary analysis and the unexpected consequences of database management assumptions in security research.
