Google recently introduced R8, a new tool designed to replace ProGuard as the default shrinker in the Android build process. R8 is meant to produce as-good-or-better outputs than ProGuard, and to do so faster than ProGuard does, thereby reducing overall build times. It will be enabled by default in the next release of Android Gradle Plugin (v3.4).
This change removes a long-standing component (ProGuard) and replaces it with entirely-new code that does essentially the same thing. Why would Google do such an expensive, risky thing?
The booths are gone, the lights are off and the conference halls are empty. It’s a wrap for RSAC 2019, but IT pros aren’t going home empty-handed: Here’s a roundup of this year’s key topics, critical outcomes and biggest surprises.
No “I” in Team
This year’s RSA Conference opted for a simple, one-word theme: Better.
While it’s certainly aspirational, what does it mean in practice? For RSA, it’s a recognition that security doesn’t happen in a vacuum, that infosec pros must work together to find better solutions, make better connections and make the world a better place. Given the often-fragmented nature of corporate IT security — RSA’s focus on empowering the “collective we” in cybersecurity makes sense: Evolving, adaptable threats won’t be defeated by companies operating in isolation.
30 Entrepreneurial technology companies demonstrate growing adoption of Application Shielding controls to meet client Regulatory and Compliance obligations.
San Francisco, CA. RSA Conference, March 5, 2019: PreEmptive Solutions announced today significant expansion and innovation in the adoption and implementation of Application Shielding controls among its entrepreneurial technology clients – especially those targeting highly regulated markets.
Application Shielding is evolving from an enterprise-class security control to a salable app feature
Application Shielding, a form of application security, encompasses anti-tampering and hardening capabilities such as anti-debugging, anti-emulation and obfuscation. Already recognized as an enterprise application control, smaller application vendors are embracing these controls, not to secure their own interests, but to meet regulatory and compliance obligations of their target markets, e.g. financial service, healthcare, etc. As Application Shielding becomes more mainstream within enterprises, it is also emerging as a product feature used to differentiate supplier application offerings.
There’s an app for that.
Apple’s (now trademarked) slogan is perhaps more telling than the company intended: Organizations rise and fall on the strength of applications — well-integrated, full-featured apps can help drive market success, while offerings more limited in scope and functionality may prove disastrous.
The sheer volume of both external and internal applications has also created a new challenge for companies: Risk management. Cybercriminals are both creating custom code and leveraging tools available on the Dark Web to compromise applications, steal corporate data and wreak network havoc.
GDPR fines were inevitable. Despite years of lead-up and months of warning before the legislation came into effect last May, many companies simply weren’t prepared for the complex (and evolving) nature of EU privacy expectations.
Now search giant Google is in the compliance law’s cross hairs: As noted by Bloomberg, Google has been assessed a $57 million fine because it “fails to adequately explain how it collects data to offer personalized advertising.” For some experts, the fine is a warning of things to come — companies must improve their data handling or face the consequences. For others, the penalties are a step too far with a purpose too vague.
The hard truth? No matter where opinions fall, GDPR fines are now out in full force — and your application could be next.
Hackers are winning. As noted by Information Age, data breach reports are up 75 percent over the last two years — while part of this increase is tied to emerging legislation and disclosure requirements, a quick look at tech headlines makes it clear that attackers are coming out ahead in the fight to keep corporate networks, applications and data secure.
But it’s not all bad news. Armed with knowledge of the current breach landscape — along with actionable insight to protect critical assets — organizations can start to even the score and put hackers on the defensive. Here’s what you need to know.
DashO 9.2 is available for immediate download and includes two powerful new controls:
1) Emulator Check, a new injectable control that
- Detects when a hardened app is being executed on an emulator (even if that emulator is not rooted), and
- Responds with the one or more pre-defined defenses and/or app-specific defenses – all in real-time.
Butter Knife is an annotation processing library that helps streamline boilerplate Java code in Android views. At compile time, Butter Knife annotations are processed to generate the relevant UI code to make views function properly.
When obfuscating applications that use Butter Knife, there are specific configuration patterns you should follow. The code that connects generated classes to their views uses runtime reflection under the hood. Because of this, the original name of the View is required.
When configuring DashO we need to: