Mastering Android Privacy & Security

Become an expert for wide-ranging privacy and security topics!

What you'll learn

Understand how to design apps with privacy and security in mind

Be able to discuss a wide variety of privacy and security-related topics

Know about fundamental Android security concepts

Understand symmetric and asymmetric cryptography algorithms, and how to apply it on Android

Understand hashing algorithms, and how to apply it on Android

Learn how to protect data at rest and data in transit

Requirements

Some prior experience in mobile app development (preferably Android) is expected

Description

Gain insightful knowledge about a wide spectrum of privacy and security topics in this course. In general, many topics are relevant across platforms and technologies such as cryptography and authentication & authorization standards. Specifically for Android, there is a deep dive into all the individual topics. This includes fundamental concepts, best practices, detailed walkthroughs, and plenty of demos taught by a Tech Lead of a Google Developer Agency. Stefan started developing Android apps - almost from Android's birth - in 2011, and since then had to design and develop a handful of Android apps. The apps involved privacy and security aspects as well and therefore he wants to share his experience in this course.Privacy and security topics are often overlooked when designing and developing mobile apps because the concepts are often unclear. However, it is important to develop apps with privacy and security in mind to improve UX, data safety, and finally user satisfaction. Depending on the app to be developed, there may be special requirements when it comes to privacy and security, too. Furthermore, when you apply for a job at any of the big FAANG companies, system design questions are likely to involve privacy and security aspects. So, knowing in detail about these topics will help you to stand out against other applicants.More than 12 hours of on-demand video content will cover what you need to know to master privacy & security:Learn about privacy & security concepts on Android by gaining lots of overall knowledge, knowing best practices, following detailed walkthroughs and demosBe well prepared for system design interviews at any of the big FAANG companies when it comes to privacy & security-related topicsKnow how to improve privacy by minimizing permission requestsApproaches to ensure user data privacy: Package visibility, data storage & device IDsApply data access auditing and other techniques to ensure transparency & controlDeep dive into security concepts Android is built upon: From kernel security to app securityHow to use the Android Keystore system for secure storage of a device's Trusted Execution Environment or Secure ElementUnderstand symmetric & asymmetric cryptography, and hashing: Concepts, algorithms walkthrough, demos, implementation on AndroidGet insights into how to protect local data including EncryptedFile and EncryptedSharedPreferences, and secure SQL & NoSQL databasesDiscussion of network security concepts: Public Key Infrastructure & TLSChoosing the right approach to securely transmit network data on Android by using certificate pinning, certificate transparency, or the Android network security configOverview of authentication & authorization standards like OAuth 2.0 and OpenID Connect, and how they can be applied on Android

Overview

Section 1: Introduction

Lecture 1 Introduction

Lecture 2 Course Overview

Lecture 3 Download your slides

Section 2: Privacy: Permissions

Lecture 4 Permissions

Lecture 5 Permissions: Overview

Lecture 6 Permissions: Intro

Lecture 7 Permissions: Workflow

Lecture 8 Permissions: Demo

Lecture 9 Permissions: Special Permissions

Lecture 10 Permissions: Best Practices

Lecture 11 Permissions: Request Minimization

Lecture 12 Permissions: Demo Request Minimization

Lecture 13 Permissions: Prominent Disclosure & Consent

Section 3: Privacy: Location

Lecture 14 Location

Lecture 15 Location: Overview

Lecture 16 Location: Intro

Lecture 17 Locations: Background

Lecture 18 Location: Permission Best Practices

Lecture 19 Location: Use Minimization

Lecture 20 Location: Demo

Section 4: Privacy: Data

Lecture 21 Data

Lecture 22 Data: Overview

Lecture 23 Data: Package Visibility

Lecture 24 Data: Package Visibility Use Cases

Lecture 25 Data: Scoped Storage

Lecture 26 Data: Unique Identifiers

Lecture 27 Data: Unique Identifiers Use Cases

Section 5: Transparency & Control

Lecture 28 Transparency & Control

Lecture 29 Transparency & Control: Overview

Lecture 30 Transparency & Control: Data Access Auditing

Lecture 31 Transparency & Control: Data Access Auditing Demo

Lecture 32 Transparency & Control: Data Safety

Lecture 33 Transparency & Control: Data Safety Demo

Lecture 34 Transparency & Control: Privacy UI Elements

Lecture 35 Transparency & Control: Privacy UI Elements Demo

Section 6: Privacy: App Hibernation

Lecture 36 App Hibernation

Section 7: Privacy: Privacy Sandbox

Lecture 37 Privacy Sandbox

Lecture 38 Privacy Sandbox: Overview

Lecture 39 Privacy Sandbox: SDK Runtime

Lecture 40 Privacy Sandbox: Privacy-Preserving APIs

Section 8: Security: Android Security Concepts

Lecture 41 Android Security Concepts

Lecture 42 Android Security Concepts: Overview

Lecture 43 Android Security Intro

Lecture 44 Kernel Security: Linux Kernel

Lecture 45 Kernel Security: App Sandbox

Lecture 46 Kernel Security: SELinux

Lecture 47 Kernel Security: Verified Boot

Lecture 48 Kernel Security: Rooting

Lecture 49 Kernel Security: User Security

Lecture 50 Kernel Security: Additional Concepts

Lecture 51 App Security: Permissions

Lecture 52 App Security: IPC

Lecture 53 App Security: Signing

Lecture 54 App Security: Additional Concepts

Section 9: Security: Secure Storage

Lecture 55 Secure Storage

Lecture 56 Secure Storage: Overview

Lecture 57 Secure Storage: Trusty TEE

Lecture 58 Secure Storage: Secure Element

Lecture 59 Secure Storage: Keystore

Lecture 60 Secure Storage: Authentication

Lecture 61 Secure Storage: Applications

Section 10: Cryptography

Lecture 62 Cryptography

Lecture 63 Cryptography: Overview

Lecture 64 Cryptography: Intro

Lecture 65 Symmetric Cryptography

Lecture 66 Symmetric Cryptography: Modes of Operation

Lecture 67 Modes of Operation: ECB

Lecture 68 Modes of Operation: CBC

Lecture 69 Modes of Operation: CFB

Lecture 70 Modes of Operation: OFB

Lecture 71 Modes of Operation: CTR

Lecture 72 Symmetric Cryptography: Data Encryption Standard

Lecture 73 Data Encryption Standard: Walkthrough

Lecture 74 Data Encryption Standard: Demo

Lecture 75 Cracking Data Encryption Standard

Lecture 76 Symmetric Cryptography: Triple DES

Lecture 77 Triple DES: Demo

Lecture 78 Symmetric Cryptography: Advanced Encryption Standard

Lecture 79 Advanced Encryption Standard: Walkthrough

Lecture 80 Advanced Encryption Standard: Demo

Lecture 81 Cracking Advanced Encryption Standard

Lecture 82 Asymmetric Cryptography Intro

Lecture 83 Asymmetric Cryptography: Diffie-Hellman Key Exchange

Lecture 84 Diffie-Hellman Key Exchange: Example

Lecture 85 Diffie-Hellman Key Exchange: Demo

Lecture 86 Cracking Diffie-Hellman Key Exchange

Lecture 87 Asymmetric Cryptography: RSA

Lecture 88 RSA: Example

Lecture 89 RSA: Demo

Lecture 90 Cracking RSA

Lecture 91 Asymmetric Cryptography: Elliptic Curve Cryptography

Lecture 92 Elliptic Curve Cryptography: Diffie-Hellman Algorithm

Lecture 93 Elliptic Curve Cryptography: Digital Signature Algorithm

Lecture 94 Elliptic Curve Cryptography: Demo

Lecture 95 Asymmetric Cryptography: ECC vs. RSA

Lecture 96 Cracking Elliptic Curve Cryptography

Lecture 97 Android KeyStore System

Lecture 98 Android KeyStore System: Demo

Lecture 99 Hashing: Intro

Lecture 100 Hashing: MD5

Lecture 101 Hashing: SHA-1

Lecture 102 Hashing: SHA-1 vs. SHA-2 vs. SHA-3

Lecture 103 Hashing: SHA-2 Adoptions

Lecture 104 Hashing: SHA-3

Lecture 105 Hashing: Demo

Lecture 106 HMAC

Lecture 107 HMAC: Demo

Section 11: Local Data Protection

Lecture 108 Local Data Protection

Lecture 109 Local Data Protection: Overview

Lecture 110 Storage Types: File System Storage

Lecture 111 Media Permissions: Android 13 & 14

Lecture 112 Media Permissions: Demo

Lecture 113 Storage Types: SharedPreferences & DataStore

Lecture 114 Storage Types: SQL & NoSQL Databases

Lecture 115 Jetpack Security: Intro

Lecture 116 Jetpack Security: MasterKey

Lecture 117 Modes of Operation: Galois Counter Mode

Lecture 118 MasterKey: Demo

Lecture 119 Jetpack Security: EncryptedFile

Lecture 120 EncryptedFile: Demo

Lecture 121 Jetpack Security: EncryptedSharedPreferences

Lecture 122 AES256-SIV-CMAC

Lecture 123 EncryptedSharedPreferences: Demo

Lecture 124 Securing DataStore

Lecture 125 SQL Databases: Passcode-based Encryption

Lecture 126 NoSQL Databases: Security Considerations

Section 12: Network Data Protection

Lecture 127 Network Data Protection

Lecture 128 Network Data Protection: Overview

Lecture 129 Public Key Infrastructure

Lecture 130 Transport Layer Security (TLS)

Lecture 131 Certificate Pinning

Lecture 132 Certificate Transparency

Lecture 133 Certificate Transparency: Demo

Lecture 134 Certificate Revocation

Lecture 135 Network Security Config

Lecture 136 Network Security Config: Demo

Section 13: Authentication & Authorization

Lecture 137 Authentication & Authorization

Lecture 138 Authentication & Authorization: Overview

Lecture 139 Authentication vs. Authorization

Lecture 140 Biometric Authentication

Lecture 141 Biometric Authentication: Demo

Lecture 142 User Authentication: Authentication Methods

Lecture 143 Credential Manager

Lecture 144 WebAuthn

Lecture 145 Credential Manager: Demo

Lecture 146 OAuth 2.0

Lecture 147 OAuth 2.0: Google OAuth 2.0 for Mobile

Lecture 148 OAuth 2.0: Demo

Lecture 149 Refresh Token

Lecture 150 OpenID Connect

Lecture 151 JSON Web Token (JWT)

Lecture 152 ID Token

Lecture 153 OpenID Connect: Google Identity Services

Lecture 154 Single Sign-on (SSO)

Lecture 155 APIs: Basic Authentication

Lecture 156 APIs: API Keys

Lecture 157 APIs: OAuth 2.0

Lecture 158 APIs: JWT

Section 14: Additional Topics

Lecture 159 Google I/O 2023: Privacy & Security Updates

Section 15: Outro

Lecture 160 Recap

Android developers wanting to deep dive into privacy and security,Software engineers preparing for system design interviews