Brought to you by Meta. In addition to remaining active in the open source community and conference circuit, this podcast offers another channel that allows us to highlight the technical work of our engineers who will discuss everything from low-level frameworks to end-user features. Throughout the podcast, Meta engineer Pascal Hartig (@passy) will interview developers in the company.

11: Secure Networking on Android with Subodh

March 15, 2019 59:37 57.79 MB Downloads: 0

Subodh, a software engineer leading the QUIC team in Menlo Park, joins us for episode 11 and talks with Mihaela and Pascal about Android networking. If you've never given much attention to the network protocols your app is using, listen to Subodh why you should give it a second though. You'll hear about how the Android networking stack has evolved over the years, why zero round-trip time matters on mobile and what it's like to contribute to a network protocol specification (spoiler: it's TLS 1.3). Brush up on your networking knowledge and tune in for this new episode!

For feedback, please reach out on Twitter at @insidefbmobile, Instagram at insidefbmobile or drop us an email at mobilepodcasts@fb.com.

Topics discussed - https://www.reactiflux.com/transcripts/react-native-team/ - https://www.reddit.com/r/reactnative/comments/av7vw3/future_ama_the_react_native_team_will_be_hosting/ - https://github.com/react-native-community/discussions-and-proposals/issues/64#issuecomment-446098249 - https://facebook.github.io/react-native/blog/2019/03/01/react-native-open-source-update - https://code.fb.com/developer-tools/mark-harman-harlan-d-mills-award/

Timestamps

Intro 00:00 News 00:16 React Native OSS Update 00:25 React AMA 00:54 Relay 3.0 01:25 Sapienz 01:39 The Diff 02:40 Magma 03:22 Interview Prelude 04:03 Subodh Intro 05:02 First Projects 06:02 What got you interested in security? 07:18 Whitehat 08:15 FB Android networking 6 years ago 09:49 HTTPS enforcement 11:09 Evolution of the mobile networking stack 12:08 Certificate Pinning 15:07 Adopting system-level APIs 18:00 WebView security 20:29 TLS 1.3 features 21:32 Encrypted SNI 25:44 What's next after TLS 1.3? 27:46 Header compression flaws 28:34 QUIC 31:19 Standards Contributions (link) 40:07 mvfst 43:00 Low-level API UX 48:50 Katran: https://code.fb.com/open-source/open-sourcing-katran-a-scalable-network-load-balancer/ 52:20 Wrap-up 54:11 Outro 55:19 Bloopers 58:52