Ultrawide Archaeology on Android Native Libraries - Security Analysis and Vulnerability Assessment
media.ccc.de via YouTube
Master Production-Ready Machine Learning, Step by Step
2,000+ Free Courses with Certificates: Coding, AI, SQL, and More
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Explore a 40-minute conference talk from the Chaos Communication Congress (38C3) that delves into an accidental massive-scale investigation of Android native libraries. Learn how a simple scraper script bug led to downloading native libraries from approximately 8 million Android applications across various markets, unveiling widespread vulnerability issues. Follow along as speakers Luca Di Bartolomeo and Rokhaya Fall share their journey through scraping challenges, IP-ban evasion techniques, binary similarity analysis methods, and their discoveries about the state of security patching in the Android ecosystem. Discover insights from their comprehensive study covering Play Store scraping, Androzoo scraping, Maven repository analysis, and the unexpected consequences of database management assumptions, all while debunking myths about Android developers' approach to security updates and vulnerability management.
Syllabus
38C3 - Ultrawide archaeology on Android native libraries
Taught by
media.ccc.de