The FIDO Alliance isn't a fan club for dogs, but a consortium of big tech companies that's trying to make authentication more secure. The Alliance has a lofty goal: To kill the password and replace it with something better. Enter the passkey.You've probably read a blog post or two about it, but you may be wondering what the fuss is all about. We invited two of the foremost experts on the topic to join us on Android Bytes and explain how passkeys work and why we're better off without passwords. Christiaan Brand is a Product Manager on Identity and Security at Google and Tim Cappalli is an Identity Standards Architect at Microsoft.03:09 - What's wrong with passwords?05:17 - How did we get to passkeys?07:47 - How do passkeys reinvent authentication?11:50 - What is the FIDO Alliance? 14:38 - Are passkeys convenient to use?15:47 - What is WebAuthn, CTAP, and FIDO2?18:01 - What is a FIDO credential? What is the meaning of "passkey"?21:57 - At a high level, how do passkeys actually work?24:47 - What makes passkeys more resilient to phishing and data breaches?25:52 - How are passkeys backed up?27:15 - What happens if you forget that you made a passkey for a certain site?28:01 - Can you reuse passkeys?28:51 - Can passkeys be exported or transferred between password managers (passkey managers?)?31:44 - How do you use a passkey stored on your phone to login to a website on your PC (or vice versa)?35:50 - Is there a fallback method to support legacy devices? How long will passwords stick around?40:41 - Can you create a passkey for an existing account?41:28 - What will happen to physical security keys?Learn more about passkeys at passkeys.dev and developers.google.com/identity/passkeys.Android Bytes is hosted by Mishaal Rahman, Senior Technical Editor, and David Ruddock, Editor in Chief, of Esper.Mishaal's TwitterDavid's TwitterFor more about Esper, visit us.Esper BlogOfficial Esper siteBook an Esper DemoOur music is "19" by HOME and is licensed under CC BY 3.0.

It's dangerous to go alone! Take us with you!In this episode, we're joined by our very own Jon West and Nikhil Punathil at Esper to discuss a key part of what we do here — getting AOSP up and running on ARM and x86 hardware. If you want to port AOSP, it's not as easy as just compiling an image from Google's git repos and slapping it onto a device.05:59 - What is a device bring-up? What are some of the challenges in doing a bring-up?10:58 - How do AOSP developers deal with a lack of kernel source code?18:16 - How did Project Treble affect building AOSP?26:54 - How does Android on x86 differ from Android on ARM?29:48 - What problem does the Generic Kernel Image try to solve?35:22 - How long does Google support a particular AOSP release? What can AOSP developers do once support has ended?Android Bytes is hosted by Mishaal Rahman, Senior Technical Editor, and David Ruddock, Editor in Chief, of Esper.Mishaal's TwitterDavid's TwitterFor more about Esper, visit us.Esper BlogOfficial Esper siteBook an Esper DemoOur music is "19" by HOME and is licensed under CC BY 3.0.

As a manufacturer, building an Android phone to the spec you want has its challenges and costs. You need to deal with dozens of regulatory agencies and standards bodies as well as (shudder) work with carriers if you want a chance at making a splash with a new product.From assembly to testing to retail, OSOM Privacy is chugging along as it prepares to launch its first smartphone, and we're glad to have co-founder/CEO Jason Keats and chief product officer Gary Anderson join us again for a special, extended, freewheeling episode of Android Bytes.03:33 - 05:40 - Trademark secrecy, gatekeeping IMEI numbers05:43 - 07:32 - Certifying with the FCC (and other telecom agencies)07:34 - 13:40 - Bluetooth, WiFi, 4G, 5G, USB, and other certifications13:41 - 16:08 - IP ratings16:10 - 18:00 - Making a phone "unbreakable", or at least ruggedized (MIL-STD-810)18:07 - 23:35 - Drop tests, glass durability, and foldables23:38 - 26:17 - How to navigate the confusing mess of certifications27:00 - 32:07 - Pre-production hardware, EVTs, DVTs, etc.32:08 - 42:12 - Factory software provisioning, tooling, and signing44:26 - 50:06 - Cellular band support, VoLTE, and carrier certification50:10 - 52:30 - Why shipping phones in Japan, India, Russia, and Brazil is costly52:33 - 55:55 - Carrier software requirements55:57 - 59:30 - Widevine DRM, Netflix certification, and RSAs for preloads1:05:52 - 1:08:03 - Buttons, ports, and a future without themAndroid Bytes is hosted by Mishaal Rahman, Senior Technical Editor, and David Ruddock, Editor in Chief, of Esper.Mishaal's TwitterDavid's TwitterFor more about Esper, visit us.Esper BlogOfficial Esper siteBook an Esper DemoOur music is "19" by HOME and is licensed under CC BY 3.0.

On this episode of Android Bytes, we take the wraps off Google Play Services, the wonder app that powers many features and APIs you probably thought were native to Android. What does Google Play Services do and how does it do it? Why is it so important and what happens when it's missing from your device? We spoke with German developer Marvin Wißfeld to find out. Marvin is the creator of microG, a "free-as-in-freedom re-implementation of Google's proprietary Android user space apps and libraries" for devices running AOSP.02:59 - What is Google Play Services (GMSCore) and how is it delivered to Android devices?04:14 - What are some of the features powered by Google Play Services?07:27 - What are the most commonly used APIs provided by Google Play Services?08:23 - How do Play Services' location APIs (Network Location Provider [NLP] and Fused Location Provider [FLP]) work? Why do many apps use Google's location APIs?11:20 - What advantages do apps have in using Google's Firebase Cloud Messaging (FCM) over alternative push notification APIs?13:28 - How are push notifications handled in the Chinese market where Google services are banned?18:07 - How do apps tend to behave on devices without Google Play Services?23:02 - What is microG and how does it help work around some of the issues with running apps on AOSP?26:40 - How do users install microG and why is signature spoofing needed?31:00 - How does the modular nature of Google Play Services optimize its app size?34:57 - Have any Google APIs eventually made their way to AOSP?36:43 - Are there any Google APIs that work on AOSP?Android Bytes is hosted by Mishaal Rahman, Senior Technical Editor, and David Ruddock, Editor in Chief, of Esper.Mishaal's TwitterDavid's TwitterFor more about Esper, visit us.Esper BlogOfficial Esper siteBook an Esper DemoOur music is "19" by HOME and is licensed under CC BY 3.0.

This episode of Android Bytes, we're talking about mobile app security. Android has a lot of robust, built-in mechanisms that protect against exploits and security vulnerabilities, but there's only so much it can do to protect against misuse of sensitive permissions and APIs. Google augments Android's protection mechanisms with Play Protect, a service that looks out for potentially harmful applications.Brian Reed, Chief Mobility Officer from NowSecure, joins us on the show to explain how Android and Google Play Protect work together to secure your device.2:05 - How does Android's app security model work at a platform level?3:27 - What does NowSecure do?4:16 - How does Android sandbox apps?5:30 - How does Android's security model compare to other platforms?7:24 - How does sideloading affect Android security?13:28 - How is Google Play Protect distributed to GMS Android devices?14:17 - What is the App Defense Alliance (ADA)? What is static and dynamic analysis? 17:12 - What are the reverse engineering/disassembly tools security firms use to analyze Android apps?18:55 - Why is dynamic analysis important?24:05 - What is a potentially harmful application (PHA)?25:32 - What is a mobile bundled application (MHA)? Are there any security risks?27:42 - What can developers do to protect their Android apps from hackers?Additional links mentioned in the show:nowsecure.com/masa (Get your Mobile Application Security Assessment)academy.nowsecure.com (Learn about mobile app security)owasp.org (Open Web Application Security Project)Android Bytes is hosted by Mishaal Rahman, Senior Technical Editor, and David Ruddock, Editor in Chief, of Esper.Mishaal's TwitterDavid's TwitterFor more about Esper, visit us.Esper BlogOfficial Esper siteBook an Esper DemoOur music is "19" by HOME and is licensed under CC BY 3.0.

On this episode of Android Bytes: mobile gaming. People play into it. There's money to be made in it. And a lot of it gets done on Android. So, how do you build an Android device catering to that market? We talk with Chih-hao Kung, Global Technical PR Director for ASUS, a company known for its PCs that's had a hand in advancing Android gaming devices with its ROG Phone series.01:37 - Why does ASUS invest in mobile gaming hardware? 05:30 - What does the mobile gaming market look like?15:41 - Why did early gaming phones fail? What kicked off the recent boom in gaming phones?21:44 - How big is the mobile gaming market?26:29 - What are some gaming phones innovations that have trickled down to regular devices?30:49 - How does smartphone cooling work? What are some of the recent improvements in cooling a smartphone?39:32 - What challenges did ASUS face in getting developers to support the ROG Phone accessories?47:50 - Why are refresh rate options in games so inconsistent between devices?54:35 - What's the deal with game controller support on Android?56:25 - How is Google addressing fragmentation when it comes to Android game development? How will these measures affect OEMs?Android Bytes is hosted by Mishaal Rahman, Senior Technical Editor, and David Ruddock, Editor in Chief, of Esper.Mishaal's TwitterDavid's TwitterFor more about Esper, visit us.Esper BlogOfficial Esper siteBook an Esper DemoOur music is "19" by HOME and is licensed under CC BY 3.0.

The Google Play Store is home to millions of Android apps. It's most likely the place where you downloaded the app to get this podcast. But what if you're in that very special group of users who source their apps from outside the bubble of Google Play? On this episode of Android Bytes, we talk with Logan Magee, the developer behind his very own app store, Accrescent.01:23 - Why do so many OEMs license GMS? What’s the importance of the Google Play Store and Google Play Services?03:38 - What are the considerations you need to make when designing an app store?07:45 - How do you get your app store on devices without GMS?09:32 - What is Accrescent, and how will it differ from other Android app stores?11:51 - How does Android’s security model work when it comes to apps? What is an APK file? What’s inside of an APK? How is it updated?14:20 - How have APK signatures evolved? What do APK Signature Scheme v3 and v4 bring to the table? How does APK Signature Scheme v4 enable the “Play as you download” feature?16:28 - Is there a way to secure Android’s trust on first use (TOFU) model for first-time app installs?19:20 - What do Google Play and other app stores do to get developers on board?20:40 - How does Google Play (try to) keep malicious apps off their store? Are these measures effective?26:08 - Should app stores take over guarding of sensitive permissions from the OS?28:40 - What is the advantage of bundling an app store with the OS image? What can preinstalled app stores do that sideloaded third-party app stores can’t?30:25 - How does Android 12 enable third-party app stores to perform unattended updates?33:35 - What is an Android App Bundle and how is it different from an APK? What are the benefits of app bundles and what are some of the downsides?40:25 - How will Google Play’s app archiving feature work? What is an archived APK?41:50 - What can we learn about Android app distribution from China?Android Bytes is hosted by Mishaal Rahman, Senior Technical Editor, and David Ruddock, Editor in Chief, of Esper.Mishaal's TwitterDavid's TwitterFor more about Esper, visit us.Esper BlogOfficial Esper siteBook an Esper DemoOur music is "19" by HOME and is licensed under CC BY 3.0.

Get ready for a doozy. This episode tries to explain how storage works on Android with a focus on Google's on-again, off-again approach to scoped storage and how apps navigate it all. Hopefully you don't come out of this more confused than before.We talk with Raymond Lai, part of the team behind Amaze File Manager.03:01 - How did storage access used to work in the early days of Android? What is the difference between internal and external storage?05:00 - Why is external storage mounted using a virtual file system? Where can apps store files, and what is the "Android" folder used for? What was the problem with mounting external storage as VFAT?10:00 - Why did Android 4.4 switch from VFAT to using FUSE to emulate FAT32? Is FUSE still being used? What is SDCardFS?12:07 - What is Scoped Storage? How did it affect external storage access? 13:12 - What is the MediaStore API? How does Scoped Storage protect users?17:02 - What is the Storage Access Framework, and why was it so controversial? How did it affect apps?24:00 - How did Scoped Storage break file access on some Android TV devices?26:54 - How did Google respond to developer feedback on Scoped Storage before Android 10's release?27:43 - How did Scoped Storage change in Android 11? What is the "all files access" permission and what are its limitations? How did file managers get around these limitations?31:55 - Why did Android return to FUSE? What was the limitation with SDCardFS? How did Google improve FUSE, and what problems does it still have?38:44 - What is FUSE passthrough in Android 12? How does it improve performance?40:22 - How will Android 13 change file access on Android?Android Bytes is hosted by Mishaal Rahman, Senior Technical Editor, and David Ruddock, Editor in Chief, of Esper.Mishaal's TwitterDavid's TwitterFor more about Esper, visit us.Esper BlogOfficial Esper siteBook an Esper DemoOur music is "19" by HOME and is licensed under CC BY 3.0.

We close the circle on our OSOM double-header here on Android Bytes. In this episode, we chat with CEO Jason Keats and CPO Gary Anderson about how they'll update Android on their new phone, the Solana Saga, and dive deeper into the Solana part of the device. What's the Solana Mobile Stack, what are its benefits, and what can people do with it?00:40 - Where do OEMs actually get Android and Linux from? What is a BSP?03:10 - What is a Generic Kernel Image?06:02 - What is Project Treble and Google Requirements Freeze? How do these initiatives affect Android updates?10:10 - What are silicon vendors concerned about when it comes to updates? Is there a clash between their interests and an OEM's?12:12 - How long will the Solana Saga be supported for?13:44 - What is the Solana Mobile Stack? How will the SMS use the Saga's secure hardware?22:08 - Should Google slow down the development of Android? 25:26 - Sharing some thoughts on Android 1327:25 - What challenges did the Essential Phone's pogo pins present? Any other interesting stories?Android Bytes is hosted by Mishaal Rahman, Senior Technical Editor, and David Ruddock, Editor in Chief, of Esper.Mishaal's TwitterDavid's TwitterFor more about Esper, visit us.Esper BlogOfficial Esper siteBook an Esper DemoOur music is "19" by HOME and is licensed under CC BY 3.0.

It's a two-part special on Android Bytes as we chat with two execs from OSOM Privacy, an Android startup founded from the remains of Andy Rubin's Essential. In this episode, we talk about the company's first product, the Solana Saga, and what it's like building an Android experience from scratch.With us are OSOM CEO Jason Keats and CPO Gary Anderson. You can learn more about the Saga here. 02:22 - After Essential shut down, why start another smartphone company? 06:38 - Why do so many smartphones use the same build materials?09:05 - What's the Solana Saga all about?15:06 - Does the Solana Saga ship with GMS? What is the software experience like?18:02 - How exactly does a company bring Android with GMS onto a new device? What are the steps involved? 21:26 - What is a MADA? Why do companies have to sign it?22:17 - Why can't a company launch a GMS product with any version of Android and security patch level? Is this requirement burdensome?27:12 - How does one validate that their Android build will pass Google certification? What is xTS and how long does it take to run it?31:23 - What is a 3PL? What happens when a build passes certification?33:21 - How did Essential manage to ship day 1 Android updates?34:50 - How do carriers play a role in Android updates?Android Bytes is hosted by Mishaal Rahman, Senior Technical Editor, and David Ruddock, Editor in Chief, of Esper.Mishaal's TwitterDavid's TwitterFor more about Esper, visit us.Esper BlogOfficial Esper siteBook an Esper DemoOur music is "19" by HOME and is licensed under CC BY 3.0.

On this week's episode, we break down how camera APIs work in Android and why third-party camera apps just can't match the features and quality produced by the stock camera. Long story short, it's a mess. What gives? And what's being done about it?We're joined by Mohit Shetty, a developer behind Secure Camera, the camera app on GrapheneOS and available to everyone on the Play Store.01:48 - How does hardware fragmentation make camera app development on Android inherently more challenging than on iOS?03:52 - Was there anything Google could have done in the early days to make things better?08:21 - Why don't OEMs bother with making sure third-party camera apps work the same as the stock camera app?12:27 - What are some features that OEMs can't expose to third-party camera apps through Android's camera API?17:20 - How does Android's camera architecture work? What is Camera HAL 3?20:23 - How will Google Requirements Freeze (GRF) affect camera HAL versioning?24:11 - How do third-party camera apps interface with multiple cameras?29:28 - What is the Camera2 API?32:52 - What is CameraX and what can (and can't) it do? Android Bytes is hosted by Mishaal Rahman, Senior Technical Editor, and David Ruddock, Editor in Chief, of Esper.Mishaal's TwitterDavid's TwitterFor more about Esper, visit us.Esper BlogOfficial Esper siteBook an Esper DemoOur music is "19" by HOME and is licensed under CC BY 3.0.

This week's episode of Android Bytes actually follows up on something our co-host Mishaal has been looking at for a while: a removable eSIM that lets Android phones without the technology built-in to access eSIM providers. We chat with Christos Omiridis of Telco Village who was part of the team that created eSIM.me.02:09 - What is a SIM? What is an eSIM? Why does it exist?09:15 - Why bring eSIM to a device that doesn't natively support it?15:50 - How does a removable eSIM interface with Android?27:55 - What's the extensibility of modularizing eSIM from other FOSS devs and wireless carriers?Android Bytes is hosted by Mishaal Rahman, Senior Technical Editor, and David Ruddock, Editor in Chief, of Esper.Mishaal's TwitterDavid's TwitterFor more about Esper, visit us.Esper BlogOfficial Esper siteBook an Esper DemoOur music is "19" by HOME and is licensed under CC BY 3.0.

Apple and Google are moving forward in supporting mobile driver's licenses. People are definitely asking questions about what goes into standardizing them and where some of the stumbling blocks might be in terms of privacy or liability. So, on this week's episode, we've got an expert to walk us through what's actually become a global standard that's already being put into practice across different agencies across America.Our guest is David Kelts, director of product development at GET Group NA, one of the major vendors in deploying MDL systems in the U.S.01:06 - What's been going on with the development of MDLs?10:35 - How does an MDL holder interact with someone trying to verify their identity? How are privacy or availability concerns addressed?19:00 - What are some of the advantages that digital IDs have over physical IDs?29:49 - What does the ubiquity of digital IDs look like? How do holders and governments interface with the system?41:50 - How does the future look for MDLs and other digital IDs?

It's the week of Google I/O, the company's big conference focused around development of its consumer platforms, so we thought to take the pulse of one veteran Android app maker on how the state of design and publishing is for newcomers in 2022 and with Android 13 on the way. If you're one of them and are wondering where to start, this show is for you.Laurence Dawson is the creator of Sync for Reddit.04:21 - Where does a new app developer start?11:12 - How should you architect your app?14:16 - What should you beware of when relying on libraries?19:00 - How should one approach developing a user interface...26:24 - ...especially when you need to account for tablet and foldable form factors?30:17 - Any tips on getting the word out about your app?35:20 - What if you want to port your app outside of the Google Play Store?38:30 - Will you be able to keep your app updated regularly? (This will be more important going forward)Android Bytes is hosted by Mishaal Rahman, Senior Technical Editor, and David Ruddock, Editor in Chief, of Esper.Mishaal's TwitterDavid's TwitterFor more about Esper, visit us.Esper BlogOfficial Esper siteBook an Esper DemoOur music is "19" by HOME and is licensed under CC BY 3.0.

This episode features a spirited nerding out over how we've used and developed for devices with minuscule amounts of RAM. From the days of Project Svelte on Android KitKat all the way up to Android Go Edition with Oreo, we go far and wide while trying to patch up any potholes that could crash apps or the operating system itself. Buckle in for a wild ride.We're joined by Nolen Johnson, part of the team at DirectDefense, and Sean Hoyt, LineageOS developer.01:21 - What's the experience of using a low-RAM Android device?05:56 - What methods have actors along the parts chain developed to manage memory?11:47 - What is Project Svelte and how did it help?16:56 - What tricks did device OEMs use to stretch active memory?21:56 - What does the Low RAM flag do in Project Svelte?25:46 - What's Android Go Edition?33:42 - Are there any other coping mechanisms outside of what Svelte and Go have offered?38:21 - Will RAM optimizations eventually kill the 32-bit application?Android Bytes is hosted by Mishaal Rahman, Senior Technical Editor, and David Ruddock, Editor in Chief, of Esper.Mishaal's TwitterDavid's TwitterFor more about Esper, visit us.Esper BlogOfficial Esper siteBook an Esper DemoOur music is "19" by HOME and is licensed under CC BY 3.0.

On this episode, we seek insight on Wear OS, formerly known as Android Wear. As with any other operating system Google has its hands in, there are some unique challenges that developers have had to deal with. Add to that the general malaise the software has experienced over the past several years and you could say that this ship needed to turn around. What does Wear OS 3.0 do to help with that?We're joined by Sean Hoyt, an Android developer who worked on the BLOCKS and Open Watch smartwatch concepts, and Greg Viczian, a Wear OS app developer best known for his Bubble Cloud launcher.01:42 - How did Android Wear get its start? What was using it like?08:36 - What made it challenging for third-party devs to work on Android Wear/Wear OS?17:27 - What happens when you try to cram a full version of Android onto a smartwatch?24:58 - What is the app development experience for Wear OS?32:30 - What does Wear OS 3.0 bring and what does Samsung have to do with all of it?41:57 - What does the future hold for the success or failure of Wear OS?Android Bytes is hosted by Mishaal Rahman, Senior Technical Editor, and David Ruddock, Editor in Chief, of Esper.Mishaal's TwitterDavid's TwitterFor more about Esper, visit us.Esper BlogOfficial Esper siteBook an Esper DemoOur music is "19" by HOME and is licensed under CC BY 3.0.

On this episode, David and Mishaal chat with Esper's very own Varun Chitre about Foundation, the Android distribution we provide to our clients for use on their fleets of various machines be it a kiosk or a walkie-talkie. We begin with the basics of why you'd want to deploy a new OS on new hardware — because we all know how enterprise fleets cling to life well past their "use by" dates.0:35 - What is provisioning and how do you do it efficiently when you have hundreds of devices to set up?6:03 - What are the key differences in managing provisions with BYOD versus corporate-issued devices?16:39 - What are the challenges in servicing these devices with infrastructural services from different sources including Google, device makers, and AOSP?29:49 - What security risks come with a lack of over-the-air software updates?33:33 - Is it possible to get a robust Android experience loading it onto old Windows machines you might already have?Android Bytes is hosted by Mishaal Rahman, Senior Technical Editor, and David Ruddock, Editor in Chief, of Esper.Mishaal's TwitterDavid's TwitterFor more about Esper, visit us.Esper BlogOfficial Esper siteBook an Esper DemoOur music is "19" by HOME and is licensed under CC BY 3.0.

If there's any one thing to take away from this week's episode, it's that you shouldn't toy around with pushing plain AOSP and GMS on your devices. Of course, we've got all the reasons why. We're pleased to be joined by Chirayu Desai, one of the developers of the FOSS-focused CalyxOS.01:00 - What features do Android Open Source Project builds actually have? Which ones are dependent on Google Mobile Services?12:55 - What are some of AOSP's own feature shortcomings?18:22 - What is CalyxOS's approach and why does it take that path?24:36 - Why is it such a big deal to ditch GMS? Are there ways to get around it?41:32 - Why not just ship devices with just AOSP and GMS?Android Bytes is hosted by Mishaal Rahman, Senior Technical Editor, and David Ruddock, Editor in Chief, of Esper.Mishaal's TwitterDavid's TwitterFor more about Esper, visit us.Esper BlogOfficial Esper siteBook an Esper DemoOur music is "19" by HOME and is licensed under CC BY 3.0.

On this week's episode, we take a good, long look at Android Auto (and a sidelong glance at Android Automotive) including the technical nuts and bolts of how it works and the seemingly immovable burdens that present when Google partners with automakers.We're joined by Emil Borconi-Szedressy, a co-developer of the nifty AAWireless dongle to enable wireless Android Auto in otherwise-incompatible vehicles and the creator of the Headunit Reloaded app which enables Android Auto in aftermarket head units.02:27 - How were in-vehicle infotainment systems coming along prior to Android Auto?08:56 - What are the experiential differences between Android Auto and Android Automotive?17:30 - What is the essence of Android Auto? How does it work?31:03 - What happens on the Android device when Auto is turned on?40:17 - What does the future look like for Android Auto?Android Bytes is hosted by Mishaal Rahman, Senior Technical Editor, and David Ruddock, Editor in Chief, of Esper.Mishaal's TwitterDavid's TwitterFor more about Esper, visit us.Esper BlogOfficial Esper siteBook an Esper DemoOur music is "19" by HOME and is licensed under CC BY 3.0.

On this week's episode, we get caught up in the whirlwind of one of the many such cat-and-mouse games in Android development between power users and app developers which involves root access, trusted environments, security checks, and Google. What's happened and what's up next in this seemingly never-ending treadmill and what good is there for it to exist? You'd be surprised.We're joined by Danny Lin, an independent Android developer, and Sergio Castell, a mobile security analyst and longtime modder best known as linuxct.02:09 - What is SafetyNet and what does it do?06:41 - How do modders get around SafetyNet?11:22 - What advantages does each side of this battle have?15:33 - What is hardware attestation? What makes it hard to break? Can it be bypassed?24:50 - What options do developers have in ensuring their apps are operating in safe envrionments?32:26 - What's the overall outlook as Google begins to replace SafetyNet with its new Play Integrity API?Android Bytes is hosted by Mishaal Rahman, Senior Technical Editor, and David Ruddock, Editor in Chief, of Esper.Mishaal's TwitterDavid's TwitterFor more about Esper, visit us.Esper BlogOfficial Esper siteBook an Esper DemoOur music is "19" by HOME and is licensed under CC BY 3.0.