SlideShare une entreprise Scribd logo

Lange

Droidcon Berlin
Droidcon Berlin
TechnologieActualités & Politique
1  sur  31
Télécharger pour lire hors ligne
State of the Union: Android Security Overview Matthias Lange, Steffen Liebergeld, April 9th, 2013, Droidcon 2013
Why should I care?
Mobile OS Market Share (2012) 2 % 4 % 4 % 5 % 17 % 68 % Android iOS Blackberry Symbian Windows Linux http://www.idc.com/getdoc.jsp?containerId=prUS23638712#.UUL-GaVW6-U
Malware Distribution 2010 F-Secure Mobile Threat Report Q4/2012
Malware Distribution 2011 F-Secure Mobile Threat Report Q4/2012
Malware Distribution 2012 F-Secure Mobile Threat Report Q4/2012
No!
High Level Overview
Agenda • Secure Boot • Memory Management Security Enhancements • Android Application Security • Android Security Problems • Future Improvements
Secure Boot
Boot Process 1. Initial Bootloader 2. Bootloader 3. Kernel 4. Android init 5. Android platform boot
Boot Architecture SoC DRAM DRAM CPU Controller Security Controller Boot Device Subsystem NAND Bootloader Signature SD/MMC ROM eMMC Kernel IBL USB OTG Signature OM Pin
Signature Check SHA1 Image Digest/ Image Hash Compare Check with Public Key Signature Signature Digest/ Hash
Memory Protection
Protection Against Memory Corruption • Since 2.3 Gingerbread • Android >= 4.1 • eXecute Never (XN) • Position Independent Executable (PIE) • mmap_min_addr • Read-only Relocations (RELro) • Android >= 4.0 • Address Space Layout Randomization (ASLR)
ASLR • Randomize mapping location of memory • Stack, heap, libs, executable • Primarily provided by Linux kernel • Usually combined with NX
Randomization in Gingerbread • cat /proc/PID/maps (vold) 00008000-00028000 r-xp 00000000 b3:09 450 /system/bin/vold 00028000-00029000 rw-p 00020000 b3:09 450 /system/bin/vold afd00000-afd40000 r-xp 00000000 b3:09 743 /system/lib/libc.so afd40000-afd43000 rw-p 00040000 b3:09 743 /system/lib/libc.so b0001000-b0009000 r-xp 00001000 b3:09 375 /system/bin/linker b0009000-b000a000 rw-p 00009000 b3:09 375 /system/bin/linker bebcc000-bebed000 rw-p 00000000 00:00 0 [stack] 00029000-00032000 rw-p 00000000 00:00 0 [heap] 00008000-00028000 r-xp 00000000 b3:09 450 /system/bin/vold 00028000-00029000 rw-p 00020000 b3:09 450 /system/bin/vold afd00000-afd40000 r-xp 00000000 b3:09 743 /system/lib/libc.so afd40000-afd43000 rw-p 00040000 b3:09 743 /system/lib/libc.so b0001000-b0009000 r-xp 00001000 b3:09 375 /system/bin/linker b0009000-b000a000 rw-p 00009000 b3:09 375 /system/bin/linker becf2000-bed13000 rw-p 00000000 00:00 0 [stack] 00029000-00032000 rw-p 00000000 00:00 0 [heap]
Randomization in ICS • cat /proc/PID/maps (vold) 00008000-0001f000 r-xp 00000000 103:01 436 /system/bin/vold 0001f000-00020000 rw-p 00017000 103:01 436 /system/bin/vold 400b7000-400f9000 r-xp 00000000 103:01 891 /system/lib/libc.so 400f9000-400fc000 rw-p 00042000 103:01 891 /system/lib/libc.so b0001000-b0009000 r-xp 00001000 103:01 357 /system/bin/linker b0009000-b000a000 rw-p 00009000 103:01 357 /system/bin/linker beabc000-beadd000 rw-p 00000000 00:00 0 [stack] 00020000-0002f000 rw-p 00000000 00:00 0 [heap] 00008000-0001f000 r-xp 00000000 103:01 436 /system/bin/vold 0001f000-00020000 rw-p 00017000 103:01 436 /system/bin/vold 400bc000-400fe000 r-xp 00000000 103:01 891 /system/lib/libc.so 400fe000-40101000 rw-p 00042000 103:01 891 /system/lib/libc.so b0001000-b0009000 r-xp 00001000 103:01 357 /system/bin/linker b0009000-b000a000 rw-p 00009000 103:01 357 /system/bin/linker bee36000-bee57000 rw-p 00000000 00:00 0 [stack] 00020000-0002f000 rw-p 00000000 00:00 0 [heap]
Randomization in Jelly Bean • cat /proc/PID/maps (sleep 1000) 400e8000-40100000 r-xp 00000000 103:01 429       /system/bin/toolbox 40101000-40102000 r--p 00018000 103:01 429       /system/bin/toolbox 40102000-40104000 rw-p 00019000 103:01 429       /system/bin/toolbox 40093000-400d6000 r-xp 00000000 103:01 86        /system/lib/libc.so 400d6000-400d9000 rw-p 00043000 103:01 86        /system/lib/libc.so 40195000-401a8000 r-xp 00000000 103:01 889       /system/bin/linker 401a8000-401a9000 r--p 00012000 103:01 889       /system/bin/linker beb87000-beba8000 rw-p 00000000 00:00 0          [stack] 40046000-4005e000 r-xp 00000000 103:01 429       /system/bin/toolbox 4005f000-40060000 r--p 00018000 103:01 429       /system/bin/toolbox 40060000-40062000 rw-p 00019000 103:01 429       /system/bin/toolbox 40067000-400aa000 r-xp 00000000 103:01 86        /system/lib/libc.so 400aa000-400ad000 rw-p 00043000 103:01 86        /system/lib/libc.so 4011c000-4012f000 r-xp 00000000 103:01 889       /system/bin/linker 4012f000-40130000 r--p 00012000 103:01 889       /system/bin/linker bef0d000-bef2e000 rw-p 00000000 00:00 0          [stack]
Application Security
Bouncer • Scans and detects malware while uploading App to Market • App gets executed in emulator • Detection of emulator is easy • Since Jelly Bean 4.2 local version • Scans Apps from alternative app stores
App Encryption • Introduced in Jelly Bean 4.1 • Encrypt paid Apps with device specific key • Disabled after bugs have been found
Android Security Problems
Missing Updates • At least three parties involved • Google/OHA, OEM, Carrier • Fast product cycle • Carrier can block updates • Millions of devices with well known vulnerabilities
Android Version Distribution Donut Eclair Froyo Gingerbread Honeycomb Ice Cream Sandwich Jelly Bean 4.1 Jelly Bean 4.2 0 12,5 25 37,5 50 http://developer.android.com/about/dashboards/index.html, March, 4th 2013
OEM Extensions • Modifications of the Android core • Samsung (/dev/exynos-mem, USSD) • Rootkits in OEM Apps • Bad software quality • Linux drivers
Android Security Improvements
New Features in Jelly Bean >= 4.2 • Secure USB debugging (whitelist for adb) • Better random number generator based on OpenSSL • SMS confirmation
SEAndroid • Android combined with SELinux • Rumor has it: may in Android 5.0 • Samsung Knox
Thank you! Q&A

Recommandé

MSI X99A GODLIKE GAMING Motherboard
MSI X99A GODLIKE GAMING MotherboardMSI X99A GODLIKE GAMING Motherboard
MSI X99A GODLIKE GAMING Motherboard
MSI Gaming
 
Android rooting
Android rootingAndroid rooting
Android rooting
Vikalp Sajwan
 
MSI Z97 GAMING Motherboards
MSI Z97 GAMING MotherboardsMSI Z97 GAMING Motherboards
MSI Z97 GAMING Motherboards
MSI Gaming
 
Is there an EFI monster inside your apple? by Pedro Vilaça - CODE BLUE 2015
Is there an EFI monster inside your apple? by Pedro Vilaça - CODE BLUE 2015Is there an EFI monster inside your apple? by Pedro Vilaça - CODE BLUE 2015
Is there an EFI monster inside your apple? by Pedro Vilaça - CODE BLUE 2015
CODE BLUE
 
Lista Precios
Lista PreciosLista Precios
Lista Precios
santybsc
 
MSI Z170 GAMING Series Motherboards
MSI Z170 GAMING Series MotherboardsMSI Z170 GAMING Series Motherboards
MSI Z170 GAMING Series Motherboards
MSI Gaming
 
Geniatech Robust Android Signage Player
Geniatech Robust Android Signage Player Geniatech Robust Android Signage Player
Geniatech Robust Android Signage Player
Geniatech
 
Partes piezas mayo
Partes piezas mayoPartes piezas mayo
Partes piezas mayo
Henry Nazir Triforia
 

Recommandé

MSI X99A GODLIKE GAMING Motherboard
MSI X99A GODLIKE GAMING MotherboardMSI X99A GODLIKE GAMING Motherboard
MSI X99A GODLIKE GAMING Motherboard
MSI Gaming
 
Android rooting
Android rootingAndroid rooting
Android rooting
Vikalp Sajwan
 
MSI Z97 GAMING Motherboards
MSI Z97 GAMING MotherboardsMSI Z97 GAMING Motherboards
MSI Z97 GAMING Motherboards
MSI Gaming
 
Is there an EFI monster inside your apple? by Pedro Vilaça - CODE BLUE 2015
Is there an EFI monster inside your apple? by Pedro Vilaça - CODE BLUE 2015Is there an EFI monster inside your apple? by Pedro Vilaça - CODE BLUE 2015
Is there an EFI monster inside your apple? by Pedro Vilaça - CODE BLUE 2015
CODE BLUE
 
Lista Precios
Lista PreciosLista Precios
Lista Precios
santybsc
 
MSI Z170 GAMING Series Motherboards
MSI Z170 GAMING Series MotherboardsMSI Z170 GAMING Series Motherboards
MSI Z170 GAMING Series Motherboards
MSI Gaming
 
Geniatech Robust Android Signage Player
Geniatech Robust Android Signage Player Geniatech Robust Android Signage Player
Geniatech Robust Android Signage Player
Geniatech
 
Partes piezas mayo
Partes piezas mayoPartes piezas mayo
Partes piezas mayo
Henry Nazir Triforia
 
Android– forensics and security testing
Android– forensics and security testingAndroid– forensics and security testing
Android– forensics and security testing
Santhosh Kumar
 
MSI PRO Series Motherboard
MSI PRO Series MotherboardMSI PRO Series Motherboard
MSI PRO Series Motherboard
MSI Gaming
 
What is Rooting in Anndroid, Benefit and Risk of Android Rooting
What is Rooting in Anndroid, Benefit and Risk of Android RootingWhat is Rooting in Anndroid, Benefit and Risk of Android Rooting
What is Rooting in Anndroid, Benefit and Risk of Android Rooting
kalaivanan97
 
Android Rooting Technology
Android Rooting TechnologyAndroid Rooting Technology
Android Rooting Technology
Tarak Tar
 
Rooting android
Rooting androidRooting android
Rooting android
Dignitas Digital Pvt. Ltd.
 
Android Development Tools
Android Development ToolsAndroid Development Tools
Android Development Tools
Dominik Helleberg
 
Rooting an Android phone
Rooting an Android phoneRooting an Android phone
Rooting an Android phone
Arnav Gupta
 
Wispi: Mini Karma Router For Pentester - Rama Tri Nanda
Wispi: Mini Karma Router For Pentester - Rama Tri NandaWispi: Mini Karma Router For Pentester - Rama Tri Nanda
Wispi: Mini Karma Router For Pentester - Rama Tri Nanda
idsecconf
 
Rooting android
Rooting androidRooting android
Rooting android
Matt Vieyra
 
Harga Komputer
Harga KomputerHarga Komputer
Harga Komputer
komputer laptop
 
The Universal Serial Web @HolyJS
The Universal Serial Web @HolyJSThe Universal Serial Web @HolyJS
The Universal Serial Web @HolyJS
asciidisco
 
Android Rooting
Android RootingAndroid Rooting
Android Rooting
Sisir Molakalapalli
 
Soyo syd6iba
Soyo syd6ibaSoyo syd6iba
Soyo syd6iba
Roberto Mantovani
 
Android Rooting and Flashing
Android Rooting and FlashingAndroid Rooting and Flashing
Android Rooting and Flashing
Muhammad Ehsan
 
Android Development Tools
Android Development ToolsAndroid Development Tools
Android Development Tools
Dominik Helleberg
 
Rooting android
Rooting androidRooting android
Rooting android
Bhoomit Belani
 
Launch Impossible Current State of Application Control Bypasses on ATMs.
Launch Impossible Current State of Application Control Bypasses on ATMs.Launch Impossible Current State of Application Control Bypasses on ATMs.
Launch Impossible Current State of Application Control Bypasses on ATMs.
Payment Village
 
Lukas Apa - Hacking Robots Before SkyNet
Lukas Apa - Hacking Robots Before SkyNet Lukas Apa - Hacking Robots Before SkyNet
Lukas Apa - Hacking Robots Before SkyNet
NoNameCon
 
Rooting Android Devices
Rooting Android DevicesRooting Android Devices
Rooting Android Devices
Lokendra Rawat
 
Android Rooting
Android RootingAndroid Rooting
Android Rooting
Narayan Vyas
 
Zertisa
ZertisaZertisa
Zertisa
Droidcon Berlin
 
Droidcon 2011: Strategies for Android, Henning Boeger, Capgemini
Droidcon 2011: Strategies for Android, Henning Boeger, CapgeminiDroidcon 2011: Strategies for Android, Henning Boeger, Capgemini
Droidcon 2011: Strategies for Android, Henning Boeger, Capgemini
Droidcon Berlin
 

Contenu connexe

Tendances

Android– forensics and security testing
Android– forensics and security testingAndroid– forensics and security testing
Android– forensics and security testing
Santhosh Kumar
 

Tendances (20)

Android– forensics and security testing
Android– forensics and security testingAndroid– forensics and security testing
Android– forensics and security testing
 
MSI PRO Series Motherboard
MSI PRO Series MotherboardMSI PRO Series Motherboard
MSI PRO Series Motherboard
 
What is Rooting in Anndroid, Benefit and Risk of Android Rooting
What is Rooting in Anndroid, Benefit and Risk of Android RootingWhat is Rooting in Anndroid, Benefit and Risk of Android Rooting
What is Rooting in Anndroid, Benefit and Risk of Android Rooting
 
Android Rooting Technology
Android Rooting TechnologyAndroid Rooting Technology
Android Rooting Technology
 
Rooting android
Rooting androidRooting android
Rooting android
 
Android Development Tools
Android Development ToolsAndroid Development Tools
Android Development Tools
 
Rooting an Android phone
Rooting an Android phoneRooting an Android phone
Rooting an Android phone
 
Wispi: Mini Karma Router For Pentester - Rama Tri Nanda
Wispi: Mini Karma Router For Pentester - Rama Tri NandaWispi: Mini Karma Router For Pentester - Rama Tri Nanda
Wispi: Mini Karma Router For Pentester - Rama Tri Nanda
 
Rooting android
Rooting androidRooting android
Rooting android
 
Harga Komputer
Harga KomputerHarga Komputer
Harga Komputer
 
The Universal Serial Web @HolyJS
The Universal Serial Web @HolyJSThe Universal Serial Web @HolyJS
The Universal Serial Web @HolyJS
 
Android Rooting
Android RootingAndroid Rooting
Android Rooting
 
Soyo syd6iba
Soyo syd6ibaSoyo syd6iba
Soyo syd6iba
 
Android Rooting and Flashing
Android Rooting and FlashingAndroid Rooting and Flashing
Android Rooting and Flashing
 
Android Development Tools
Android Development ToolsAndroid Development Tools
Android Development Tools
 
Rooting android
Rooting androidRooting android
Rooting android
 
Launch Impossible Current State of Application Control Bypasses on ATMs.
Launch Impossible Current State of Application Control Bypasses on ATMs.Launch Impossible Current State of Application Control Bypasses on ATMs.
Launch Impossible Current State of Application Control Bypasses on ATMs.
 
Lukas Apa - Hacking Robots Before SkyNet
Lukas Apa - Hacking Robots Before SkyNet Lukas Apa - Hacking Robots Before SkyNet
Lukas Apa - Hacking Robots Before SkyNet
 
Rooting Android Devices
Rooting Android DevicesRooting Android Devices
Rooting Android Devices
 
Android Rooting
Android RootingAndroid Rooting
Android Rooting
 

En vedette

Caught between fires html5 mahdi_njim
Caught between fires html5 mahdi_njimCaught between fires html5 mahdi_njim
Caught between fires html5 mahdi_njim
Droidcon Berlin
 
20130409 1 developing apps for android with kivy
20130409 1 developing apps for android with kivy20130409 1 developing apps for android with kivy
20130409 1 developing apps for android with kivy
Droidcon Berlin
 
Droidcon ndk cpu_architecture_optimization
Droidcon ndk cpu_architecture_optimizationDroidcon ndk cpu_architecture_optimization
Droidcon ndk cpu_architecture_optimization
Droidcon Berlin
 
Starnberger internet of things droidcon berlin 2013i
Starnberger internet of things droidcon berlin 2013iStarnberger internet of things droidcon berlin 2013i
Starnberger internet of things droidcon berlin 2013i
Droidcon Berlin
 
Droidcon2013 baa s_kohl_apiomat
Droidcon2013 baa s_kohl_apiomatDroidcon2013 baa s_kohl_apiomat
Droidcon2013 baa s_kohl_apiomat
Droidcon Berlin
 
Droidcon2013 commercialsuccess rannenberg
Droidcon2013 commercialsuccess rannenbergDroidcon2013 commercialsuccess rannenberg
Droidcon2013 commercialsuccess rannenberg
Droidcon Berlin
 
Imcd b zhou yu fei - cultural diversity
Imcd b zhou yu fei - cultural diversityImcd b zhou yu fei - cultural diversity
Imcd b zhou yu fei - cultural diversity
Yu Fei Zhou
 
Sony working with sony and developing for xperia devices
Sony working with sony and developing for xperia devicesSony working with sony and developing for xperia devices
Sony working with sony and developing for xperia devices
Droidcon Berlin
 
Droid con berlin_the_bb10_android_runtime
Droid con berlin_the_bb10_android_runtimeDroid con berlin_the_bb10_android_runtime
Droid con berlin_the_bb10_android_runtime
Droidcon Berlin
 
Droidcon2013 helleberg kruemmling_androidgoesreading_inovex_telekom
Droidcon2013 helleberg kruemmling_androidgoesreading_inovex_telekomDroidcon2013 helleberg kruemmling_androidgoesreading_inovex_telekom
Droidcon2013 helleberg kruemmling_androidgoesreading_inovex_telekom
Droidcon Berlin
 

En vedette (20)

Zertisa
ZertisaZertisa
Zertisa
 
Droidcon 2011: Strategies for Android, Henning Boeger, Capgemini
Droidcon 2011: Strategies for Android, Henning Boeger, CapgeminiDroidcon 2011: Strategies for Android, Henning Boeger, Capgemini
Droidcon 2011: Strategies for Android, Henning Boeger, Capgemini
 
Caught between fires html5 mahdi_njim
Caught between fires html5 mahdi_njimCaught between fires html5 mahdi_njim
Caught between fires html5 mahdi_njim
 
20130409 1 developing apps for android with kivy
20130409 1 developing apps for android with kivy20130409 1 developing apps for android with kivy
20130409 1 developing apps for android with kivy
 
Droidcon ndk cpu_architecture_optimization
Droidcon ndk cpu_architecture_optimizationDroidcon ndk cpu_architecture_optimization
Droidcon ndk cpu_architecture_optimization
 
Starnberger internet of things droidcon berlin 2013i
Starnberger internet of things droidcon berlin 2013iStarnberger internet of things droidcon berlin 2013i
Starnberger internet of things droidcon berlin 2013i
 
Droidcon 2011: Mosync mobile framework, Stefan Sels, Tronicum
Droidcon 2011: Mosync mobile framework, Stefan Sels, TronicumDroidcon 2011: Mosync mobile framework, Stefan Sels, Tronicum
Droidcon 2011: Mosync mobile framework, Stefan Sels, Tronicum
 
Droidcon2013 baa s_kohl_apiomat
Droidcon2013 baa s_kohl_apiomatDroidcon2013 baa s_kohl_apiomat
Droidcon2013 baa s_kohl_apiomat
 
Droidcon2013 commercialsuccess rannenberg
Droidcon2013 commercialsuccess rannenbergDroidcon2013 commercialsuccess rannenberg
Droidcon2013 commercialsuccess rannenberg
 
Meridian School Diversity Cafe Cultural Competency
Meridian School Diversity Cafe Cultural CompetencyMeridian School Diversity Cafe Cultural Competency
Meridian School Diversity Cafe Cultural Competency
 
Imcd b zhou yu fei - cultural diversity
Imcd b zhou yu fei - cultural diversityImcd b zhou yu fei - cultural diversity
Imcd b zhou yu fei - cultural diversity
 
Positive relationships with parents
Positive relationships with parentsPositive relationships with parents
Positive relationships with parents
 
What Hispanic Students Say About Parental Involvement
What Hispanic Students Say About Parental InvolvementWhat Hispanic Students Say About Parental Involvement
What Hispanic Students Say About Parental Involvement
 
Activities that involve parents
Activities that involve parentsActivities that involve parents
Activities that involve parents
 
Sony working with sony and developing for xperia devices
Sony working with sony and developing for xperia devicesSony working with sony and developing for xperia devices
Sony working with sony and developing for xperia devices
 
parent involvement
parent involvementparent involvement
parent involvement
 
Droid con berlin_the_bb10_android_runtime
Droid con berlin_the_bb10_android_runtimeDroid con berlin_the_bb10_android_runtime
Droid con berlin_the_bb10_android_runtime
 
Parents As Partners In Excellence
Parents As Partners In ExcellenceParents As Partners In Excellence
Parents As Partners In Excellence
 
Droidcon2013 helleberg kruemmling_androidgoesreading_inovex_telekom
Droidcon2013 helleberg kruemmling_androidgoesreading_inovex_telekomDroidcon2013 helleberg kruemmling_androidgoesreading_inovex_telekom
Droidcon2013 helleberg kruemmling_androidgoesreading_inovex_telekom
 
Mattbrenner
MattbrennerMattbrenner
Mattbrenner
 

Similaire à Lange

0xdroid -- community-developed Android distribution by 0xlab
0xdroid -- community-developed Android distribution by 0xlab0xdroid -- community-developed Android distribution by 0xlab
0xdroid -- community-developed Android distribution by 0xlab
National Cheng Kung University
 
0xdroid osdc-2010-100426084937-phpapp02
0xdroid osdc-2010-100426084937-phpapp020xdroid osdc-2010-100426084937-phpapp02
0xdroid osdc-2010-100426084937-phpapp02
chon2010
 
Android Embedded - Smart Hubs als Schaltzentrale des IoT
Android Embedded - Smart Hubs als Schaltzentrale des IoTAndroid Embedded - Smart Hubs als Schaltzentrale des IoT
Android Embedded - Smart Hubs als Schaltzentrale des IoT
inovex GmbH
 
Improve Android System Component Performance
Improve Android System Component PerformanceImprove Android System Component Performance
Improve Android System Component Performance
National Cheng Kung University
 
Zeelogic android-training-2013
Zeelogic android-training-2013Zeelogic android-training-2013
Zeelogic android-training-2013
Zeelogic Solu
 
How to Make Android's Bootable Recovery Work For You by Drew Suarez
How to Make Android's Bootable Recovery Work For You by Drew SuarezHow to Make Android's Bootable Recovery Work For You by Drew Suarez
How to Make Android's Bootable Recovery Work For You by Drew Suarez
Shakacon
 
Deep Dive Into Android Security
Deep Dive Into Android SecurityDeep Dive Into Android Security
Deep Dive Into Android Security
Marakana Inc.
 
IoThings you don't even need to hack
IoThings you don't even need to hackIoThings you don't even need to hack
IoThings you don't even need to hack
Slawomir Jasek
 

Similaire à Lange (20)

0xdroid -- community-developed Android distribution by 0xlab
0xdroid -- community-developed Android distribution by 0xlab0xdroid -- community-developed Android distribution by 0xlab
0xdroid -- community-developed Android distribution by 0xlab
 
Android OS Porting: Introduction
Android OS Porting: IntroductionAndroid OS Porting: Introduction
Android OS Porting: Introduction
 
0xdroid osdc-2010-100426084937-phpapp02
0xdroid osdc-2010-100426084937-phpapp020xdroid osdc-2010-100426084937-phpapp02
0xdroid osdc-2010-100426084937-phpapp02
 
Learning AOSP - Building AOSP for Nexus 7
Learning AOSP - Building AOSP for Nexus 7Learning AOSP - Building AOSP for Nexus 7
Learning AOSP - Building AOSP for Nexus 7
 
Mickey threats inside your platform final
Mickey threats inside your platform finalMickey threats inside your platform final
Mickey threats inside your platform final
 
aibo introduction at ROSCon2018@Madrid
aibo introduction at ROSCon2018@Madridaibo introduction at ROSCon2018@Madrid
aibo introduction at ROSCon2018@Madrid
 
Android Embedded - Smart Hubs als Schaltzentrale des IoT
Android Embedded - Smart Hubs als Schaltzentrale des IoTAndroid Embedded - Smart Hubs als Schaltzentrale des IoT
Android Embedded - Smart Hubs als Schaltzentrale des IoT
 
Embedded Android
Embedded AndroidEmbedded Android
Embedded Android
 
Bringing up Android on your favorite X86 Workstation or VM (AnDevCon Boston, ...
Bringing up Android on your favorite X86 Workstation or VM (AnDevCon Boston, ...Bringing up Android on your favorite X86 Workstation or VM (AnDevCon Boston, ...
Bringing up Android on your favorite X86 Workstation or VM (AnDevCon Boston, ...
 
Improve Android System Component Performance
Improve Android System Component PerformanceImprove Android System Component Performance
Improve Android System Component Performance
 
Zeelogic android-training-2013
Zeelogic android-training-2013Zeelogic android-training-2013
Zeelogic android-training-2013
 
Explorando Go em Ambiente Embarcado
Explorando Go em Ambiente EmbarcadoExplorando Go em Ambiente Embarcado
Explorando Go em Ambiente Embarcado
 
BYOM Build Your Own Methodology (in Mobile Forensics)
BYOM Build Your Own Methodology (in Mobile Forensics)BYOM Build Your Own Methodology (in Mobile Forensics)
BYOM Build Your Own Methodology (in Mobile Forensics)
 
How to Make Android's Bootable Recovery Work For You by Drew Suarez
How to Make Android's Bootable Recovery Work For You by Drew SuarezHow to Make Android's Bootable Recovery Work For You by Drew Suarez
How to Make Android's Bootable Recovery Work For You by Drew Suarez
 
Deep Dive Into Android Security
Deep Dive Into Android SecurityDeep Dive Into Android Security
Deep Dive Into Android Security
 
Discover System Facilities inside Your Android Phone
Discover System Facilities inside Your Android Phone Discover System Facilities inside Your Android Phone
Discover System Facilities inside Your Android Phone
 
Live Memory Forensics on Android devices
Live Memory Forensics on Android devicesLive Memory Forensics on Android devices
Live Memory Forensics on Android devices
 
History of Android Security – from linux to jelly bean
History of Android Security – from linux to jelly beanHistory of Android Security – from linux to jelly bean
History of Android Security – from linux to jelly bean
 
Flash Lite, un’occasione da 1.3 Miliardi di mobile phones
Flash Lite, un’occasione da 1.3 Miliardi di mobile phonesFlash Lite, un’occasione da 1.3 Miliardi di mobile phones
Flash Lite, un’occasione da 1.3 Miliardi di mobile phones
 
IoThings you don't even need to hack
IoThings you don't even need to hackIoThings you don't even need to hack
IoThings you don't even need to hack
 

Plus de Droidcon Berlin

Droidcon de 2014 google cast
Droidcon de 2014 google castDroidcon de 2014 google cast
Droidcon de 2014 google cast
Droidcon Berlin
 
Android programming -_pushing_the_limits
Android programming -_pushing_the_limitsAndroid programming -_pushing_the_limits
Android programming -_pushing_the_limits
Droidcon Berlin
 
Android industrial mobility
Android industrial mobility Android industrial mobility
Android industrial mobility
Droidcon Berlin
 
From sensor data_to_android_and_back
From sensor data_to_android_and_backFrom sensor data_to_android_and_back
From sensor data_to_android_and_back
Droidcon Berlin
 
new_age_graphics_android_x86
new_age_graphics_android_x86new_age_graphics_android_x86
new_age_graphics_android_x86
Droidcon Berlin
 
Testing and Building Android
Testing and Building AndroidTesting and Building Android
Testing and Building Android
Droidcon Berlin
 
Matchinguu droidcon presentation
Matchinguu droidcon presentationMatchinguu droidcon presentation
Matchinguu droidcon presentation
Droidcon Berlin
 
Cgm life sdk_droidcon_2014_v3
Cgm life sdk_droidcon_2014_v3Cgm life sdk_droidcon_2014_v3
Cgm life sdk_droidcon_2014_v3
Droidcon Berlin
 
The artofcalabash peterkrauss
The artofcalabash peterkraussThe artofcalabash peterkrauss
The artofcalabash peterkrauss
Droidcon Berlin
 
Raesch, gries droidcon 2014
Raesch, gries droidcon 2014Raesch, gries droidcon 2014
Raesch, gries droidcon 2014
Droidcon Berlin
 
Android open gl2_droidcon_2014
Android open gl2_droidcon_2014Android open gl2_droidcon_2014
Android open gl2_droidcon_2014
Droidcon Berlin
 
20140508 quantified self droidcon
20140508 quantified self droidcon20140508 quantified self droidcon
20140508 quantified self droidcon
Droidcon Berlin
 
Tuning android for low ram devices
Tuning android for low ram devicesTuning android for low ram devices
Tuning android for low ram devices
Droidcon Berlin
 
Froyo to kit kat two years developing & maintaining deliradio
Froyo to kit kat two years developing & maintaining deliradioFroyo to kit kat two years developing & maintaining deliradio
Froyo to kit kat two years developing & maintaining deliradio
Droidcon Berlin
 
Droidcon2013 security genes_trendmicro
Droidcon2013 security genes_trendmicroDroidcon2013 security genes_trendmicro
Droidcon2013 security genes_trendmicro
Droidcon Berlin
 

Plus de Droidcon Berlin (20)

Droidcon de 2014 google cast
Droidcon de 2014 google castDroidcon de 2014 google cast
Droidcon de 2014 google cast
 
Android programming -_pushing_the_limits
Android programming -_pushing_the_limitsAndroid programming -_pushing_the_limits
Android programming -_pushing_the_limits
 
crashing in style
crashing in stylecrashing in style
crashing in style
 
Raspberry Pi
Raspberry PiRaspberry Pi
Raspberry Pi
 
Android industrial mobility
Android industrial mobility Android industrial mobility
Android industrial mobility
 
Details matter in ux
Details matter in uxDetails matter in ux
Details matter in ux
 
From sensor data_to_android_and_back
From sensor data_to_android_and_backFrom sensor data_to_android_and_back
From sensor data_to_android_and_back
 
droidparts
droidpartsdroidparts
droidparts
 
new_age_graphics_android_x86
new_age_graphics_android_x86new_age_graphics_android_x86
new_age_graphics_android_x86
 
5 tips of monetization
5 tips of monetization5 tips of monetization
5 tips of monetization
 
Testing and Building Android
Testing and Building AndroidTesting and Building Android
Testing and Building Android
 
Matchinguu droidcon presentation
Matchinguu droidcon presentationMatchinguu droidcon presentation
Matchinguu droidcon presentation
 
Cgm life sdk_droidcon_2014_v3
Cgm life sdk_droidcon_2014_v3Cgm life sdk_droidcon_2014_v3
Cgm life sdk_droidcon_2014_v3
 
The artofcalabash peterkrauss
The artofcalabash peterkraussThe artofcalabash peterkrauss
The artofcalabash peterkrauss
 
Raesch, gries droidcon 2014
Raesch, gries droidcon 2014Raesch, gries droidcon 2014
Raesch, gries droidcon 2014
 
Android open gl2_droidcon_2014
Android open gl2_droidcon_2014Android open gl2_droidcon_2014
Android open gl2_droidcon_2014
 
20140508 quantified self droidcon
20140508 quantified self droidcon20140508 quantified self droidcon
20140508 quantified self droidcon
 
Tuning android for low ram devices
Tuning android for low ram devicesTuning android for low ram devices
Tuning android for low ram devices
 
Froyo to kit kat two years developing & maintaining deliradio
Froyo to kit kat two years developing & maintaining deliradioFroyo to kit kat two years developing & maintaining deliradio
Froyo to kit kat two years developing & maintaining deliradio
 
Droidcon2013 security genes_trendmicro
Droidcon2013 security genes_trendmicroDroidcon2013 security genes_trendmicro
Droidcon2013 security genes_trendmicro
 

Dernier

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 

Dernier (20)

Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 

Lange

  • 1. State of the Union: Android Security Overview Matthias Lange, Steffen Liebergeld, April 9th, 2013, Droidcon 2013
  • 2. Why should I care?
  • 3.
  • 4. Mobile OS Market Share (2012) 2 % 4 % 4 % 5 % 17 % 68 % Android iOS Blackberry Symbian Windows Linux http://www.idc.com/getdoc.jsp?containerId=prUS23638712#.UUL-GaVW6-U
  • 5. Malware Distribution 2010 F-Secure Mobile Threat Report Q4/2012
  • 6. Malware Distribution 2011 F-Secure Mobile Threat Report Q4/2012
  • 7. Malware Distribution 2012 F-Secure Mobile Threat Report Q4/2012
  • 8. No!
  • 10. Agenda • Secure Boot • Memory Management Security Enhancements • Android Application Security • Android Security Problems • Future Improvements
  • 12. Boot Process 1. Initial Bootloader 2. Bootloader 3. Kernel 4. Android init 5. Android platform boot
  • 13. Boot Architecture SoC DRAM DRAM CPU Controller Security Controller Boot Device Subsystem NAND Bootloader Signature SD/MMC ROM eMMC Kernel IBL USB OTG Signature OM Pin
  • 14. Signature Check SHA1 Image Digest/ Image Hash Compare Check with Public Key Signature Signature Digest/ Hash
  • 16. Protection Against Memory Corruption • Since 2.3 Gingerbread • Android >= 4.1 • eXecute Never (XN) • Position Independent Executable (PIE) • mmap_min_addr • Read-only Relocations (RELro) • Android >= 4.0 • Address Space Layout Randomization (ASLR)
  • 17. ASLR • Randomize mapping location of memory • Stack, heap, libs, executable • Primarily provided by Linux kernel • Usually combined with NX
  • 18. Randomization in Gingerbread • cat /proc/PID/maps (vold) 00008000-00028000 r-xp 00000000 b3:09 450 /system/bin/vold 00028000-00029000 rw-p 00020000 b3:09 450 /system/bin/vold afd00000-afd40000 r-xp 00000000 b3:09 743 /system/lib/libc.so afd40000-afd43000 rw-p 00040000 b3:09 743 /system/lib/libc.so b0001000-b0009000 r-xp 00001000 b3:09 375 /system/bin/linker b0009000-b000a000 rw-p 00009000 b3:09 375 /system/bin/linker bebcc000-bebed000 rw-p 00000000 00:00 0 [stack] 00029000-00032000 rw-p 00000000 00:00 0 [heap] 00008000-00028000 r-xp 00000000 b3:09 450 /system/bin/vold 00028000-00029000 rw-p 00020000 b3:09 450 /system/bin/vold afd00000-afd40000 r-xp 00000000 b3:09 743 /system/lib/libc.so afd40000-afd43000 rw-p 00040000 b3:09 743 /system/lib/libc.so b0001000-b0009000 r-xp 00001000 b3:09 375 /system/bin/linker b0009000-b000a000 rw-p 00009000 b3:09 375 /system/bin/linker becf2000-bed13000 rw-p 00000000 00:00 0 [stack] 00029000-00032000 rw-p 00000000 00:00 0 [heap]
  • 19. Randomization in ICS • cat /proc/PID/maps (vold) 00008000-0001f000 r-xp 00000000 103:01 436 /system/bin/vold 0001f000-00020000 rw-p 00017000 103:01 436 /system/bin/vold 400b7000-400f9000 r-xp 00000000 103:01 891 /system/lib/libc.so 400f9000-400fc000 rw-p 00042000 103:01 891 /system/lib/libc.so b0001000-b0009000 r-xp 00001000 103:01 357 /system/bin/linker b0009000-b000a000 rw-p 00009000 103:01 357 /system/bin/linker beabc000-beadd000 rw-p 00000000 00:00 0 [stack] 00020000-0002f000 rw-p 00000000 00:00 0 [heap] 00008000-0001f000 r-xp 00000000 103:01 436 /system/bin/vold 0001f000-00020000 rw-p 00017000 103:01 436 /system/bin/vold 400bc000-400fe000 r-xp 00000000 103:01 891 /system/lib/libc.so 400fe000-40101000 rw-p 00042000 103:01 891 /system/lib/libc.so b0001000-b0009000 r-xp 00001000 103:01 357 /system/bin/linker b0009000-b000a000 rw-p 00009000 103:01 357 /system/bin/linker bee36000-bee57000 rw-p 00000000 00:00 0 [stack] 00020000-0002f000 rw-p 00000000 00:00 0 [heap]
  • 20. Randomization in Jelly Bean • cat /proc/PID/maps (sleep 1000) 400e8000-40100000 r-xp 00000000 103:01 429       /system/bin/toolbox 40101000-40102000 r--p 00018000 103:01 429       /system/bin/toolbox 40102000-40104000 rw-p 00019000 103:01 429       /system/bin/toolbox 40093000-400d6000 r-xp 00000000 103:01 86        /system/lib/libc.so 400d6000-400d9000 rw-p 00043000 103:01 86        /system/lib/libc.so 40195000-401a8000 r-xp 00000000 103:01 889       /system/bin/linker 401a8000-401a9000 r--p 00012000 103:01 889       /system/bin/linker beb87000-beba8000 rw-p 00000000 00:00 0          [stack] 40046000-4005e000 r-xp 00000000 103:01 429       /system/bin/toolbox 4005f000-40060000 r--p 00018000 103:01 429       /system/bin/toolbox 40060000-40062000 rw-p 00019000 103:01 429       /system/bin/toolbox 40067000-400aa000 r-xp 00000000 103:01 86        /system/lib/libc.so 400aa000-400ad000 rw-p 00043000 103:01 86        /system/lib/libc.so 4011c000-4012f000 r-xp 00000000 103:01 889       /system/bin/linker 4012f000-40130000 r--p 00012000 103:01 889       /system/bin/linker bef0d000-bef2e000 rw-p 00000000 00:00 0          [stack]
  • 22. Bouncer • Scans and detects malware while uploading App to Market • App gets executed in emulator • Detection of emulator is easy • Since Jelly Bean 4.2 local version • Scans Apps from alternative app stores
  • 23. App Encryption • Introduced in Jelly Bean 4.1 • Encrypt paid Apps with device specific key • Disabled after bugs have been found
  • 25. Missing Updates • At least three parties involved • Google/OHA, OEM, Carrier • Fast product cycle • Carrier can block updates • Millions of devices with well known vulnerabilities
  • 26. Android Version Distribution Donut Eclair Froyo Gingerbread Honeycomb Ice Cream Sandwich Jelly Bean 4.1 Jelly Bean 4.2 0 12,5 25 37,5 50 http://developer.android.com/about/dashboards/index.html, March, 4th 2013
  • 27. OEM Extensions • Modifications of the Android core • Samsung (/dev/exynos-mem, USSD) • Rootkits in OEM Apps • Bad software quality • Linux drivers
  • 28. Android Security Improvements
  • 29. New Features in Jelly Bean >= 4.2 • Secure USB debugging (whitelist for adb) • Better random number generator based on OpenSSL • SMS confirmation
  • 30. SEAndroid • Android combined with SELinux • Rumor has it: may in Android 5.0 • Samsung Knox
  • 31. Thank you! Q&A