Speaker details
Silicon Valley Code Camp 2017

Sam Bowne

City College San Francisco
Sam Bowne
Sam Bowne has been teaching computer networking and security classes at CCSF since 2000. He has given talks at CodeCamp, DEFCON, BayThreat, LayerOne, and Toorcon, and taught classes and seminars at many other schools and teaching conferences. He has a Ph.D. and a CISSP and a lot of other certifications, and a lot of computer and cables and firewalls and stuff.
{speaker.firstName} {speaker.lastName}

Speaking Sessions

  • Passwords on a Phone

    3:00 PM Sunday   Room: Town Square B
    Almost all Android apps from major retailers store your password on the phone, which is dangerous and unnecessary. And they don't even use the Android KeyStore; they just use custom encryption schemes that generate a key in predictable ways, so passwords are easily recoverable. This is “fake encryption” – the data appears to be encrypted but in fact is not actually protected from attackers.

    The Safeway app is typical: it encrypts passwords with AES, generating the key from other values that are stored on the phone. I notified Safeway of this in April, 2017, but they never fixed it.

    I will present results of my tests of many top retailers, and demonstrate how to steal passwords from them. I will also list a few (very few) companies who actually protect their customers' passwords properly.

    The purpose of this talk is to raise awareness of the poor quality of retail Android apps, and to encourage developers into improving their products.

Silicon Valley Code Camp 2017 PayPal Town Hall

Code Stars Summit, Silicon Valley Code Camp, AngularU (tm) are trademarks of 73rd Street Associates (Copyright © 2021)
Site Built with React and Apollo GraphQL Client and Server
Built by PeterKellner.net

Select a Past SV Code Camp Year to View

Learn JavaScript Course