Ed Holloway-George
Lead Android Developer @ ASOS | Android GDE
Nottingham, United Kingdom
Actions
Ed Holloway-George is an Android Developer and Google Developer Expert originally from Oxford, UK but now currently residing in Nottingham, UK.
An Android developer for over 10 years; Ed now works for ASOS as a Lead Developer having previously worked on well-known applications such as National Trust, My Oxfam, Snoop, Carling Tap and many more.
In his spare time, Ed can be found playing trading card games and posting pictures of his dog.
Links
Area of Expertise
Topics
How to stop the ‘Gradle Snatchers’: Securing your builds from baddies
Following on from one of the first recorded supply chain attacks against Gradle, this talk will discuss the security concerns surrounding our favourite build tool and how we can protect against them. This starts with gaining an understanding of some of Gradle's common vulnerabilities and how to avoid these within our projects. You'll leave this talk with:
- Insights on the Gradle Wrapper supply-chain attack and how to protect against it.
- An overview of a Gradle dependency attack and how to protect against them.
- A concrete list of security setting best practices within Gradle, including wrapper verification, repository filtering, dependency verification and others.
Sorting and Reporting Your Dependencies with Gradle
All apps have dependencies, but what is the best way to manage and keep on top of them? This session takes a look at some simple steps, tools and tricks to use Gradle to help us make dependency management far easier.
Starting with simple Gradle language features, we will also explore how to handle dependencies within more complex projects, dive into some useful Gradle plugins and finally look into what the future of dependency management within Android may be.
You'll leave this talk with a clear understanding of how to improve your dependency management within your apps and how to apply them in future.
Implementing config-driven experiments that don’t require a release
At ASOS there’s an ever increasing demand to run experiments at scale in our native apps (the Android app alone has 10M+ installs). Tired of having to manually implement and release each experiment individually, and then having to wait for enough people to get it, we built a custom “Url Injection Framework” which makes it possible to implement configuration-driven experiments that can modify any API call or network request without requiring app changes and releases.
How to become your app's 'security champion'
In this session, we will take an introductory look at mobile security, the threats we face as mobile developers and the steps you can take to become a 'security champion' for your app to protect your business and, most importantly, your users.
Don’t get stung by OWASP - An intro into writing code for greater Android Security
In this session, we will take a dive into OWASP's top threats for mobile security, the common Android security pitfalls we all succumb too and look how we may code in a more security-focused mindset going forwards.
Don’t get stung by OWASP II - The final five!
Following on from my 'Don’t get stung by OWASP' talk at Android Worldwide Jan 2022, this talk takes an in-depth look at the final five largest security threats to us as Android developers as determined by the OWASP Top 10 for Mobile.
As a pre-requisite, it is highly recommended you watch Part 1 of this talk, which is freely available on the Android Worldwide YouTube channel.
droidcon Berlin 2023 Sessionize Event
Android Worldwide January 2023 Sessionize Event
droidcon London 2022 Sessionize Event
Android Worldwide July 2022 Sessionize Event
Android Worldwide April 2022 Sessionize Event
Android Worldwide January 2022 Sessionize Event
droidcon London 2021 Sessionize Event
Android Worldwide, July 2021 Sessionize Event
Ed Holloway-George
Lead Android Developer @ ASOS | Android GDE
Nottingham, United Kingdom
Links
Actions
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top