In April, developer David Poll exposed a vulnerability of Facebook’s SDK with his app FacebookThief: his app could steal your Facebook login and post on your behalf. In February, it was revealed that Path was sending the details from your address book to their API. What are the security principles of Android? Implications of rooting your Android? In this workshop, we’ll answer these questions and make our own simple app that reveals security holes in apps you might use every day. All you need is to bring your own device!