Droidcon India 2014

Droidcon India’s fourth edition

Sorry State of Security in Indian Mobile App Ecosystem

Submitted by srinivas kodali (@iotakodali) on Tuesday, 21 October 2014

videocam_off

Technical level

Beginner

Section

Security – crisp talks

Status

Submitted

Vote on this proposal

Login to vote

Total votes:  0

Objective

Indian firms are reallly proud of their mobile apps, yet they dont realize how easy it is to reverse engineer one especially when you dont bother about the security. Indian app ecosystem is highly vulnerable to attacks and these firms dont have any intrusion detection measures.

Developers dont bother about security, product managers only care of the UI. This talk is about the blame game and real world loopholes in mobile applications. Security doesnt come into play unless you are being forced to make your app secure from your competitors & not hackers.

This is a generic talk on the current state of app ecosystem.

Description

The talk will focus on the real life security blunders our so called Android Developers incorporate into their applications. The following topics will be focused on.

How consultants to the Indian Govt. make shitty Govt. apps at 1000% profit without the ad money. How individual developers point their APIs directly to vulnerable Govt. endpoints without realising their apps will break when they shut them out. How multi-crore startups fail to address user security and become a leaky pipe full of information. How sensitive proprietary information is available at no cost for competitors to develop apps.

I will not name any specific firm, except the industry and the consequences of your actions.

Speaker bio

I am Srinivas Kodali, a polygot programmer working on transportation applications for past 2 years. I try to solve civic issues using technology. I am part of the open-access movement in India and try to make public data available for research. I am a speaker in meetups on opendata and urban tranport.

I am working with the chaloBEST project to help improve public transport. For me android is the best way of information dissemination to solve civic issues and engage communities. I see a lot of security issues with sensitive data specially in Govt. and multicrore company applications in my line of work.

Comments

  • 1
    Umang Jaipuria (@umangjaipuria) 4 years ago

    Is this a high-level talk, or will you be talking about specific security holes?

  • 1
    srinivas kodali (@iotakodali) Proposer 4 years ago

    No this is not a high level talk. I proposed another high level talk on user and app data. For this talk I intend to talk about security blunders I came across multiple top Indian applications on play store. Also the current state of the ecosystem, how bad it is and how we should try to improve it.

Login with Twitter or Google to leave a comment