GDG Tech Sessions — GDG Coimbra Edition – A peek at Android 11 Security and Privacy
Since 2006, the Android operating system has been growing year after year. Today, the Android OS has approximately 2.5 billion monthly active devices.
If new features are given to the users, new tools are also provided to the developers, in order to improve the experience with the OS.
The Android 11 is no exception to the rule that has been followed. APIs for 5G, debugging improvements and better migration tools are some examples of the new or improved tools for developers. This presentation, however, will give you an overview of two other great features with Android 11: scoped storage, and data privacy and protection.
Talk #1: Scoping Scoped Storage (by @cafonsomota)
This is still a sensitive subject to most of us due to the impact it had on most apps, but a most needed one! Scoped storage is one of the most important security features that has been released that empowers the user to have the final word when an app is accessing external files.
In this talk, we’re going to share our pains about these developments and how everything will get better at the end.
Talk #2: Tracking your permissions with data access auditing (by @rcosteira79)
Android has come a long way when it comes to permission handling for data privacy. By getting rid of those terrifying install dialogs with huge lists of required permissions and favouring runtime permissions instead, the framework gave back the users control of how apps can access their data. This model also allows us, the developers, to ask users for each permission at the right time, effectively increasing the odds of them giving us a little bit of their privacy to work with.
Now, this is all fun and games until someone gets hurt. And by someone, I mean us, the developers, when our apps grow both in size and complexity. Add in the fact that developer teams change over time, and you got yourself a recipe for disaster. Soon enough, it’s highly likely that you’ll have permission handling code sprinkled throughout your codebase (because, you know, it made sense at some point). Worst case scenario, you’ll actually end up asking users for permissions in places where it doesn’t even make sense to ask for them. And what do users do when they get asked for location access when trying to zoom in a picture? Yup, instant uninstall, probably followed by a 1 star review.
Fortunately, Android 11 brings a shiny new feature called data access auditing, that was designed to avoid scenarios like the one described above. In this talk, I’ll explore data access auditing, and how it aims to provide more transparency into how our apps and their dependencies access private data.
Who are the speakers?
Ricardo is an android dev with a crush on clean code and software architecture. He’s a senior engineer at Mindera, where he works on a retailer app. Ricardo loves Android and the community, so it’s only natural that he tries to have an active part in it! He’s a co-organizer of GDG Coimbra, a co-founder of a group called Kotlin Knights, and occasionally writes (mostly about Android) either at his site, ricardocosteira.com, or for Ray Wenderlich’s android tutorials.
Who can enrol at this event?
Everyone 🙌.
If you have any question, reach at host organizers by sending a message geral@tech-sessions.com.
SCHEDULE
8th July 2020 | 19:00 CEST
19:00 – 19:05 – Tech Session Presentation (5 min)
Brief introduction to the initiative, with the participation of the promoters, showing useful data.
19:05 – 19:10 – Guest GDG introduction: GDG Coimbra (5 min)
Brief introduction to the guests GDG, GDG leaders and speakers.
19:10 – 19:30 – Guest speaker’s talk (20 min)
Presentation of the topic in the form of slides provided by the speaker.
19:30 – 19:45 – Discussion panel, Q&A (15 min)
The Q&A is intended to be made by the public along with the session, not only at the end — the most upvoted questions will be answered.
19:45 – 20:05 – Guest speaker’s talk (20 min)
Presentation of the topic in the form of slides provided by the speaker.
20:05 – 20:20 – Discussion panel, Q&A (15 min)
The Q&A is intended to be made by the public along with the session, not only at the end — the most upvoted questions will be answered.
20:20 – 20:25 – Final remarks (5 min)
Thank you guest GDG and speaker’s participation.