Bulletproof Android

In Bulletproof Android, Godfrey Nolan brings together comprehensive, up-to-date best practices for writing apps that resist attack and won't leak information: yours, or your users. Unlike other Android security books focused on "breaking" code, Bulletproof Android focuses on strengthening code security throughout your entire development lifecycle. Nolan thoroughly addresses crucial issues including: * Protecting code that communicates with back-end web servers * Safeguarding Android databases, including SQLite and SQLcipher * Resisting web service attacks via XSS, SQL injection, and other means * Using webviews securely * Enabling secure user login and information transmission * Protecting code and business rules from reverse engineering * Safely integrating third-party libraries * Taking advantage of encryption, SELinux, Knox, and Mobile Device Management * Futureproofing code: DVM, ART, and beyond * And much more Each tactic and technique is presented with working code examples and practical advice -- including expert insights into pros, cons, and tradeoffs. All source code is available for download, and each subsection is supported with a complete sample app that demonstrates security problems and how to solve them.