Big Nerd Ranch Guide: Discussion on Security?

 
Greenhorn
Posts: 8
Do you discuss how to write secure Android applications? Do you discuss how to prevent the OWASP top ten security vulnerabilities using Java and the Java Android libraries?
 
Author
Posts: 26

DavidJohn Raymond wrote: Do you discuss how to write secure Android applications? Do you discuss how to prevent the OWASP top ten security vulnerabilities using Java and the Java Android libraries?



We do not talk too much about security in the book (it's certainly not a focus). There are a few areas that we touch on, like where you should/shouldn't be storing data (and what kind of data). When we talk about databases, we perform queries in a way that is safe from SQL injection attacks. To my knowledge, there's nothing in the book that we do that is bad from a security standpoint. But, like I said, security is not the focus of the book.

We are interested in security and are working on an Android Security course. My coworker, Bolot, is actually a top contributor to the OWASP Mobile Security Testing Guide. You can see that work for free: https://github.com/OWASP/owasp-mstg
 
DavidJohn Raymond
Greenhorn
Posts: 8
I think it is great that your examples are going to be ones that you feel represent best practices. I think it is important that books should use the best quality code that is as close to production quality as possible especially for a new platform that is unfamiliar to some of us. I would be very interested in Android Secure Code training.
 
Saloon Keeper
Posts: 7602
Security is such an important topic for mobile that I advise to get a proper grounding by reading a book geared for that, like Application Security for the Android Platform, or the Android Security Cookbook. Both (but especially the former, short as it is) were eye openers that caused me to adopt several new approaches in my apps.
 