Andre Lopes
I am a developer who became a security consultant in order to gain more perspective as to how other organisations build their infrastructure and handle their security. I am currently working in mobile division at MWR Cybersec.
Session
07-20
10:30
45min
Terribly Layered Security - The common security failings of cryptography implementations for mobile
Connor du Plooy, Andre Lopes
This talk will delve into the intricate world of transport security, specifically within mobile applications, highlighting the terrifying vulnerabilities that can be introduced into your applications unknowingly. We will explore how these security flaws can be exploited by threat actors, compromising data integrity and user privacy. The presentation will cover critical aspects such as host name validation, certificate chain validation, certificate/public key pinning and even the use of custom cr
Track 1