Android Security by Example
Pragati Ogal Rai
Mobile Technology Evangelist, PayPal
@pragatiogal @PayPalDev
  
Agenda
securitywatch.pcmag.com
www.androidauthority.com

Why do I care?
500000+ apps on Google Play
applicationandroid.info
  
Why do I care?
I’m free and open!

Why do I care?
You control your phone!

Why do I care?
[Diagram: Security; Consumers, Developers, Carriers, OS Vendors, OEMs, Services, Infrastructure]
You only control your phone and your apps!

Architecture
developer.android.com
  
Linux Kernel
Linux Process Sandbox
Each process gets a unique UID and a GID

Linux Kernel (Cont’d)
include/linux/android_aid.h
AID_NET_BT    3002    Can create Bluetooth Sockets
AID_INET      3003    Can create IPv4 and IPv6 Sockets
  
Dalvik VM
Photo by floheinstein
Dalvik is not a security boundary

Dalvik VM
G7VJR's Blog
•  No security manager
•  Process isolation, memory management, threading enforced in OS
•  Byte code verification for optimization
•  No difference between native and Java code
  
Application Components
•  Activity: Define screens
•  Service: Background processing
•  Broadcast Receiver: Mailbox for messages from other applications
•  Content Provider: Relational database for sharing information
All components are secured with permissions

Activity
Check out developer.android.com
  
Activity
<activity android:name=".ExampleActivity"
    android:process=":new_process"
    android:exported="true"
    android:permission="android.permission.SEND_SMS">
    <intent-filter>
        <action android:name="android.intent.action.MAIN" />
        <category android:name="android.intent.category.LAUNCHER" />
    </intent-filter>
</activity>
  
Activity
Intent intent = new Intent(Intent.ACTION_SEND);
intent.putExtra(Intent.EXTRA_EMAIL, recipientArray);
startActivity(intent);
Often run in their UID
Secured using permissions
Visibility can be set
Add categories to Intent Filter
Badly configured data can be passed using Intent
Do not pass sensitive data in intents
  
Service	
  
<service
android:enabled=["true" | "false"]
android:exported=["true" | "false"]
android:icon="drawable resource"
android:isolatedProcess=["true" | "false"]
android:label="string resource"
android:name="string"
android:permission="string"
android:process="string" >
. . . . .
</service>
Service	
  
<service
android:name="bookService"
android:process=":my_process"
android:icon="@drawable/icon"
android:label="@string/service_name" >
. . . . . . .
</service>
Service
•  Component can “bind” to service using bindService()
•  Binder channel to talk to service
•  Check permissions of calling component against PERMISSION_DENIED or PERMISSION_GRANTED
getPackageManager().checkPermission(permToCheck, name.getPackageName())
  
Binder
•  Synchronous RPC mechanism
•  Define interface with AIDL
•  Same process or different processes
•  transact() and Binder.onTransact()
•  Data sent as a Parcel
•  Secured by caller permission or identity checking
  
Broadcast Receiver
[Diagram: “I’ve got news!”; Service; Android System; Registered receivers: Receiver A, Receiver B, Receiver C]
  
Broadcast Receiver
<receiver android:enabled=["true" | "false"]
          android:exported=["true" | "false"]
          android:icon="drawable resource"
          android:label="string resource"
          android:name="string"
          android:permission="string"
          android:process="string" >
    . . .
</receiver>
  
Broadcast Receiver
<receiver android:name=".MyListener"
          android:permission="android.permission.READ_SMS">
    <intent-filter>
        <action android:name="android.provider.Telephony.SMS_RECEIVED" />
    </intent-filter>
</receiver>
Protecting a receiver with permission
  
Broadcast Receiver
Selecting which receiver to send an Intent
Intent intent = new Intent();
intent.setAction(MY_BROADCAST_ACTION);
sendBroadcast(intent, "android.provider.Telephony.SMS_RECEIVED");
  
Broadcasts
•  Sending Broadcast Intents
–  For sensitive data, pass manifest permission name
•  Receiving Broadcast Intents
–  Validate input from intents
–  Intent Filter is not a security boundary
–  Categories narrow down delivery but do not guarantee security
–  android:exported=true
•  Sticky broadcasts stick around
–  Need special privilege BROADCAST_STICKY
  
Content Provider
[Diagram labels: Remote Database, SQLite DB, Internet, Data Files, Activity 1, Content Provider, Application A, Application B, Activity, Activity 2]
Allows applications to share data
Protected with permissions
Content providers use URI schemes
content://<authority>/<table>/[<id>]
  
Content Provider
  
<provider android:authorities="list"
android:enabled=["true" | "false"]
android:exported=["true" | "false"]
android:grantUriPermissions=["true" | "false"]
android:icon="drawable resource"
android:initOrder="integer"
android:label="string resource"
android:multiprocess=["true" | "false"]
android:name="string"
android:permission="string"
android:process="string"
android:readPermission="string"
android:syncable=["true" | "false"]
android:writePermission="string" >
. . . . . . .
</provider>
Content Provider
<provider
android:authorities="com.example.android.books.contentprovider"
android:name=".contentprovider.MyBooksdoContentProvider"
android:readPermission="com.example.android.books.DB_READ"
android:writePermission="com.example.android.book.DB_WRITE">
<grant-uri-permission android:path="/figures/" />
<meta-data android:name="books" android:value="@string/books" />
</provider>

Application
Check tag declaration on developer.android.com
  
Permissions
Permissions restrict component interaction
Permission labels defined in AndroidManifest.xml
MAC enforced by Reference Monitor
PackageManager and ActivityManager enforce permissions
  
Application Permissions
<uses-permission android:name="android.permission.CAMERA" />
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
  
Permissions for External Applications
Defined in <application> tag
Defined in component tag <activity>, <provider>, <receiver>, <service>
Component permission overrides application level permission
  
Permissions for External Applications
<application
    android:allowBackup="true"
    android:icon="@drawable/ic_launcher"
    android:label="@string/app_name"
    android:permission="android.permission.ACCESS_COARSE_LOCATION">

    <service android:enabled="true"
        android:name=".MyService"
        android:permission="android.permission.WRITE_EXTERNAL_STORAGE">
    </service>
    . . . . . . . .
</application>
  
Permission Protection Levels
Normal
• android.permission.VIBRATE
• com.android.alarm.permission.SET_ALARM
Dangerous
• android.permission.SEND_SMS
• android.permission.CALL_PHONE
Signature
• android.permission.FORCE_STOP_PACKAGES
• android.permission.INJECT_EVENTS
SignatureOrSystem
• android.permission.ACCESS_USB
• android.permission.SET_TIME
  
User Defined Permissions
Create a permission
<permission android:name="com.example.android.book.READ_BOOKSTORE"
    android:description="@string/perm_read_bookstore"
    android:label="Read access to books database"
    android:permissionGroup="BOOKSTORE_PERMS"
    android:protectionLevel="dangerous"/>
Create a permission group
<permission-group android:description="@string/perm_group_bookstore"
    android:label="@string/perm_group_bookstore_label"
    android:name="BOOKSTORE_PERMS" />
  
User Defined Permissions
<permission-tree android:name="com.example.android.book"
    android:label="@string/perm_tree_book" />
Create a permission tree
com.example.android.book
com.example.android.book.READ_BOOK
com.example.android.book.bookstore.READ_BOOKSTORE
com.example.android.book.bookstore.WRITE_BOOKSTORE
  
Storing & Sharing
http://blogs.salesforce.com/
Sharing with internal applications (same certificate)
Sharing with external applications
  
Sharing with Internal Applications
•  sharedUserID
•  Preferences
•  Cache
•  Intents

sharedUserID
Run applications in same UID
  
SharedUserID
com.example.example1
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.example1"
    android:versionCode="1"
    android:versionName="1.0"
    android:sharedUserId="com.sharedID.example">

com.example.example2
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.example2"
    android:versionCode="1"
    android:versionName="1.0"
    android:sharedUserId="com.sharedID.example">

sharedUserID follows package name format
Other naming convention results in error like INSTALL_PARSE_FAILED_BAD_SHARED_USER_ID
  
Preferences
•  Store primitive data in key-value format
•  Persistent storage
•  Sandboxed with application
  
Cache
// Write to the cache file
String myString = new String("Hello World!");
File file = new File(getCacheDir(), "MyCacheFile");
FileOutputStream fOut = new FileOutputStream(file);
OutputStreamWriter osw = new OutputStreamWriter(fOut);
osw.write(myString);
osw.flush();
osw.close();
Cache file is sandboxed with application
Can be created on external storage: getExternalCacheDir()
Cache file is deleted when system is running low on memory
  
Sharing with External Applications
•  Content Providers
•  Files
•  Intents
•  Databases
  
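Files
•  Applications have own area for files
•  Files are protected by Unix-like file permissions
•  Different modes: world readable, world writable, private, append
// MODE_WORLD_READABLE is deprecated since API 17; from Android 7.0 (API 24) using it throws SecurityException
FileOutputStream fos = openFileOutput("myFile", Context.MODE_WORLD_READABLE);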
  
Intents
Intent
Binder exposed through AIDL
Binder
Inter Component Interaction
Asynchronous IPC
Explicit or Implicit Intents
  
Explicit Intents
[Diagram: “I know where you live!”; Activities in Application A and Application B]
Specify a component name
Do not put sensitive data in intents
Components need not be in same application
startActivity(Intent)
sendBroadcast(Intent)

Implicit Intent
[Diagram: “Get me the best match!”; Activities in Application A, Application B, Application C and Application D]
No component name specified
Do not put sensitive data in intents
Components need not be in same application
startActivity(Intent)
sendBroadcast(Intent)

Pending Intent
•  Token given to a foreign application to perform an action on your application’s behalf
•  Use your application’s permissions
•  Even if its owning application's process is killed, PendingIntent itself will remain usable from other processes
•  Provide component name in base intent
–  PendingIntent.getActivity(Context, int, Intent, int)
[Diagram: Activity A, Activity B; “Use my identity & permissions and get the job done!”]
  
Intent Filters
•  Activity Manager matches intents against Intent Filters
<receiver android:name="BootCompletedReceiver">
<intent-filter>
<action android:name="android.intent.action.BOOT_COMPLETED"/>
</intent-filter>
</receiver>
•  Activity with Intent Filter enabled becomes “exported”
•  Activity with “android:exported=true” can be started with any intent
•  Intent Filters cannot be secured with permissions
•  Add categories to restrict what intent can be called through
android.intent.category.BROWSABLE

Intent Filters
<intent-filter>
    <action android:name="android.intent.action.VIEW" />
    <action android:name="android.intent.action.EDIT" />
    <action android:name="android.intent.action.PICK" />
    <category android:name="android.intent.category.DEFAULT" />
    <data android:mimeType="vnd.android.cursor.dir/vnd.google.note" />
</intent-filter>
  
AndroidManifest.xml
Turn debugging off
www.wpclipart.com

AndroidManifest.xml
Set component visibility right

AndroidManifest.xml
Protect components by permissions

AndroidManifest.xml
Define access rules
ctmls.ctreal.com

AndroidManifest.xml
Backup and storage decisions
en.wikipedia.org
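
Four of the AndroidManifest.xml checks named on the slides above (debugging, component visibility, component permissions, backup) can be run as a small audit over a manifest. This is an added example, not code from the original slides: the function names, finding labels and sample manifest are constructed for illustration, and a provider without android:exported is assumed to follow the API 17+ default of not exported.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
COMPONENTS = ("activity", "service", "receiver", "provider")

# Constructed sample manifest (not from the slides).
SAMPLE_MANIFEST = """\
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.android.books">
  <application android:debuggable="true" android:label="Books">
    <activity android:name=".MainActivity">
      <intent-filter>
        <action android:name="android.intent.action.MAIN" />
        <category android:name="android.intent.category.LAUNCHER" />
      </intent-filter>
    </activity>
    <activity android:name=".ShareActivity">
      <intent-filter>
        <action android:name="android.intent.action.SEND" />
      </intent-filter>
    </activity>
    <service android:name=".SyncService" android:exported="false" />
    <receiver android:name=".MyListener" android:exported="true"
        android:permission="android.permission.READ_SMS" />
    <provider android:name=".BooksProvider" android:exported="true"
        android:authorities="com.example.android.books.contentprovider"
        android:readPermission="com.example.android.books.DB_READ" />
  </application>
</manifest>
"""


def attr(elem, name):
    """Read an android:-namespaced attribute, or None when absent."""
    return elem.get(ANDROID + name)


def is_launcher(comp):
    """True for the MAIN/LAUNCHER entry point, which has to stay exported."""
    for flt in comp.findall("intent-filter"):
        cats = {attr(c, "name") for c in flt.findall("category")}
        if "android.intent.category.LAUNCHER" in cats:
            return True
    return False


def audit_manifest(xml_text):
    """Return a sorted list of (component_name, finding) pairs."""
    root = ET.fromstring(xml_text)
    app = root.find("application")
    findings = []
    if app is None:
        return findings

    # "Turn debugging off"
    if attr(app, "debuggable") == "true":
        findings.append(("application", "debuggable"))
    # "Backup and storage decisions": allowBackup defaults to true when absent
    if attr(app, "allowBackup") != "false":
        findings.append(("application", "backup-enabled"))

    app_perm = attr(app, "permission")
    for comp in app:
        if comp.tag not in COMPONENTS:
            continue
        name = attr(comp, "name") or "<unnamed>"
        explicit = attr(comp, "exported")
        has_filter = comp.find("intent-filter") is not None

        # "Set component visibility right": an intent filter exports the
        # component unless android:exported says otherwise.
        if explicit is None:
            # Assumption: providers default to not exported (API 17+).
            exported = has_filter and comp.tag != "provider"
            if exported and not is_launcher(comp):
                findings.append((name, "exported-by-intent-filter"))
        else:
            exported = explicit == "true"
        if not exported or is_launcher(comp):
            continue

        # "Protect components by permissions": the component-level
        # permission overrides the application-level one.
        perm = attr(comp, "permission") or app_perm
        if comp.tag == "provider":
            if not (perm or attr(comp, "readPermission")):
                findings.append((name, "provider-read-unprotected"))
            if not (perm or attr(comp, "writePermission")):
                findings.append((name, "provider-write-unprotected"))
        elif not perm:
            findings.append((name, "exported-no-permission"))
    return sorted(findings)


if __name__ == "__main__":
    for component, finding in audit_manifest(SAMPLE_MANIFEST):
        print(component, finding)
```

The launcher activity is skipped on purpose: it has to be exported without a permission so the home screen can start it.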
  	
  
External Storage
•  Starting API 8 (Android 2.2) APKs can be stored on external devices
–  APK is stored in encrypted container called asec file
–  Key is randomly generated and stored on device
–  Dex files, private data, native shared libraries still reside on internal memory
–  External devices are mounted with “noexec”
•  VFAT does not support Linux access control
•  Sensitive data should be encrypted before storing
  
Application Signature
•  Applications are self-signed; no CA required
•  Signatures define persistence
–  Detect if the application has changed
–  Application update
•  Signatures define authorship
–  Establish trust between applications
–  Run in same Linux ID
  
Application Upgrade
•  Applications can register for auto-updates
•  Applications should have the same signature
•  No additional permissions should be added
•  Install location is preserved
  
System Packages
•  Come bundled with ROM
•  Have signatureOrSystem Permission
•  Cannot be uninstalled
•  /system/app
  
Summary
•  Linux process sandbox
•  Permission based component interaction
•  Permission labels defined in AndroidManifest.xml
•  Applications need to be signed
•  Signatures define persistence and authorship
•  Install time security decisions
  
battlehack.org
Berlin, New York, Tel Aviv, Seattle, Miami, Moscow, Austin, London, Barcelona, Washington DC

Thank You!
developer@paypal.com
@PayPalDev @pragatiogal
http://www.slideshare.net/pragatiogal
  

Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 

Recently uploaded (20)

Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 

Android Security by Example

  • 1. Android Security by Example. Pragati Ogal Rai, Mobile Technology Evangelist, PayPal. @pragatiogal @PayPalDev
  • 2. Agenda. securitywatch.pcmag.com, www.androidauthority.com
  • 3. Why do I care? 500000+ apps on Google Play. applicationandroid.info
  • 4. Why do I care? I’m free and open!
  • 5. Why do I care? You control your phone!
  • 6. Why do I care? Security: Consumers, Developers, Carriers, OS Vendors, OEMs, Services, Infrastructure. You only control your phone and your apps!
  • 8. Linux Kernel: Linux Process Sandbox. Each process gets a unique UID and a GID
  • 9. Linux Kernel (Cont’d): include/linux/android_aid.h
        AID_NET_BT    3002    Can create Bluetooth Sockets
        AID_INET      3003    Can create IPv4 and IPv6 Sockets
  • 10. Dalvik VM. Photo by floheinstein. Dalvik is not a security boundary
  • 11. Dalvik VM. G7VJR's Blog
      • No security manager
      • Process isolation, memory management, threading enforced in OS
      • Byte code verification for optimization
      • No difference between native and Java code
  • 12. Application Components
      • Activity: Define screens
      • Service: Background processing
      • Broadcast Receiver: Mailbox for messages from other applications
      • Content Provider: Relational database for sharing information
      All components are secured with permissions
  • 13. Activity. Check out developer.android.com
  • 14. Activity
        <activity android:name=".ExampleActivity"
                  android:process=":new_process"
                  android:exported="true"
                  android:permission="android.permission.SEND_SMS">
            <intent-filter>
                <action android:name="android.intent.action.MAIN" />
                <category android:name="android.intent.category.LAUNCHER" />
            </intent-filter>
        </activity>
  • 15. Activity
        Intent intent = new Intent(Intent.ACTION_SEND);
        intent.putExtra(Intent.EXTRA_EMAIL, recipientArray);
        startActivity(intent);
      Often run in their UID
      Secured using permissions
      Visibility can be set
      Add categories to Intent Filter
      Badly configured data can be passed using Intent
      Do not pass sensitive data in intents
  • 16. Service
        <service android:enabled=["true" | "false"]
                 android:exported=["true" | "false"]
                 android:icon="drawable resource"
                 android:isolatedProcess=["true" | "false"]
                 android:label="string resource"
                 android:name="string"
                 android:permission="string"
                 android:process="string" >
            . . . . .
        </service>
  • 18. Service
      • Component can “bind” to service using bindService()
      • Binder channel to talk to service
      • Check permissions of calling component against PERMISSION_DENIED or PERMISSION_GRANTED
        getPackageManager().checkPermission(permToCheck, name.getPackageName())
  • 19. Binder
      • Synchronous RPC mechanism
      • Define interface with AIDL
      • Same process or different processes
      • transact() and Binder.onTransact()
      • Data sent as a Parcel
      • Secured by caller permission or identity checking
  • 20. Broadcast Receiver. Diagram: Service (“I’ve got news!”), Android System, Registered receivers (Receiver A, Receiver B, Receiver C)
  • 21. Broadcast Receiver
        <receiver android:enabled=["true" | "false"]
                  android:exported=["true" | "false"]
                  android:icon="drawable resource"
                  android:label="string resource"
                  android:name="string"
                  android:permission="string"
                  android:process="string" >
            . . .
        </receiver>
  • 22. Broadcast Receiver. Protecting a receiver with permission
        <receiver android:name=".MyListener"
                  android:permission="android.permission.READ_SMS">
            <intent-filter>
                <action android:name="android.provider.Telephony.SMS_RECEIVED" />
            </intent-filter>
        </receiver>
  • 23. Broadcast Receiver. Selecting which receiver to send an Intent
        Intent intent = new Intent();
        intent.setAction(MY_BROADCAST_ACTION);
        // sendBroadcast(Intent intent, String receiverPermission)
        sendBroadcast(intent, "android.provider.Telephony.SMS_RECEIVED");
  • 24. Broadcasts
      • Sending Broadcast Intents
          – For sensitive data, pass manifest permission name
      • Receiving Broadcast Intents
          – Validate input from intents
          – Intent Filter is not a security boundary
          – Categories narrow down delivery but do not guarantee security
          – android:exported=true
      • Sticky broadcasts stick around
          – Need special privilege BROADCAST_STICKY
  • 25. Content Provider. Diagram: Application A (Activity 1, Activity 2, Content Provider) and Application B (Activity); data sources: Remote Database, SQLite DB, Internet, Data Files
      Allows applications to share data
      Protected with permissions
      Content providers use URI schemes
        content://<authority>/<table>/[<id>]
  • 26. Content Provider
        <provider android:authorities="list"
                  android:enabled=["true" | "false"]
                  android:exported=["true" | "false"]
                  android:grantUriPermissions=["true" | "false"]
                  android:icon="drawable resource"
                  android:initOrder="integer"
                  android:label="string resource"
                  android:multiprocess=["true" | "false"]
                  android:name="string"
                  android:permission="string"
                  android:process="string"
                  android:readPermission="string"
                  android:syncable=["true" | "false"]
                  android:writePermission="string" >
            . . . . . . .
        </provider>
  • 28. Application. Check tag declaration on developer.android.com
  • 29. Permissions
      Permissions restrict component interaction
      Permission labels defined in AndroidManifest.xml
      MAC enforced by Reference Monitor
      PackageManager and ActivityManager enforce permissions
  • 30. Application Permissions
        <uses-permission android:name="android.permission.CAMERA" />
        <uses-permission android:name="android.permission.INTERNET" />
        <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
  • 31. Permissions for External Applications
      Defined in <application> tag
      Defined in component tag <activity>, <provider>, <receiver>, <service>
      Component permission overrides application level permission
  • 32. Permissions for External Applications
        <application
            android:allowBackup="true"
            android:icon="@drawable/ic_launcher"
            android:label="@string/app_name"
            android:permission="android.permission.ACCESS_COARSE_LOCATION">
            <service android:enabled="true"
                     android:name=".MyService"
                     android:permission="android.permission.WRITE_EXTERNAL_STORAGE">
            </service>
            . . . . . . . .
        </application>
  • 33. Permission Protection Levels
      • Normal: android.permission.VIBRATE, com.android.alarm.permission.SET_ALARM
      • Dangerous: android.permission.SEND_SMS, android.permission.CALL_PHONE
      • Signature: android.permission.FORCE_STOP_PACKAGES, android.permission.INJECT_EVENTS
      • SignatureOrSystem: android.permission.ACCESS_USB, android.permission.SET_TIME
  • 34. User Defined Permissions
      Create a permission
        <permission android:name="com.example.android.book.READ_BOOKSTORE"
                    android:description="@string/perm_read_bookstore"
                    android:label="Read access to books database"
                    android:permissionGroup="BOOKSTORE_PERMS"
                    android:protectionLevel="dangerous"/>
      Create a permission group
        <permission-group android:description="@string/perm_group_bookstore"
                          android:label="@string/perm_group_bookstore_label"
                          android:name="BOOKSTORE_PERMS" />
  • 35. User Defined Permissions
      Create a permission tree
        <permission-tree android:name="com.example.android.book"
                         android:label="@string/perm_tree_book" />
        com.example.android.book
        com.example.android.book.READ_BOOK
        com.example.android.book.bookstore.READ_BOOKSTORE
        com.example.android.book.bookstore.WRITE_BOOKSTORE
  • 36. Storing & Sharing. http://blogs.salesforce.com/
      Sharing with internal applications (same certificate)
      Sharing with external applications
  • 37. Sharing with Internal Applications
      • sharedUserID
      • Preferences
      • Cache
      • Intents
  • 38. sharedUserID. Run applications in same UID
  • 39. SharedUserID
      com.example.example1
        <manifest xmlns:android="http://schemas.android.com/apk/res/android"
            package="com.example.example1"
            android:versionCode="1"
            android:versionName="1.0"
            android:sharedUserId="com.sharedID.example">
      com.example.example2
        <manifest xmlns:android="http://schemas.android.com/apk/res/android"
            package="com.example.example2"
            android:versionCode="1"
            android:versionName="1.0"
            android:sharedUserId="com.sharedID.example">
      sharedUserID follows package name format
      Other naming convention results in error like INSTALL_PARSE_FAILED_BAD_SHARED_USER_ID
  • 40. Preferences
      • Store primitive data in key-value format
      • Persistent storage
      • Sandboxed with application
  • 41. Cache
        // Write to the cache file
        String myString = new String("Hello World!");
        File file = new File(getCacheDir(), "MyCacheFile");
        FileOutputStream fOut = new FileOutputStream(file);
        OutputStreamWriter osw = new OutputStreamWriter(fOut);
        osw.write(myString);
        osw.flush();
        osw.close();
      Cache file is sandboxed with application
      Can be created on external storage: getExternalCacheDir()
      Cache file is deleted when system is running low on memory
  • 42. Sharing with External Applications
      • Content Providers
      • Files
      • Intents
      • Databases
  • 43. Files
      • Applications have own area for files
      • Files are protected by Unix like file permissions
      • Different modes: world readable, world writable, private, append
        // MODE_WORLD_READABLE is deprecated since API level 17
        FileOutputStream fos = openFileOutput("myFile", Context.MODE_WORLD_READABLE);
  • 44. Intents. Diagram: Intent, Binder exposed through AIDL, Binder
      Inter Component Interaction
      Asynchronous IPC
      Explicit or Implicit Intents
  • 45. Explicit Intents. Diagram: Activity in Application A (“I know where you live!”) to Activity in Application B
      Specify a component name
      Do not put sensitive data in intents
      Components need not be in same application
        startActivity(Intent)
        sendBroadcast(Intent)
  • 46. Implicit Intent. Diagram: Activity in Application A (“Get me the best match!”) to Activities in Applications B, C and D
      No component name specified
      Do not put sensitive data in intents
      Components need not be in same application
        startActivity(Intent)
        sendBroadcast(Intent)
  • 47. Pending Intent. Diagram: Activity A to Activity B (“Use my identity & permissions and get the job done!”)
      • Token given to a foreign application to perform an action on your application’s behalf
      • Use your application’s permissions
      • Even if its owning application's process is killed, PendingIntent itself will remain usable from other processes
      • Provide component name in base intent
          – PendingIntent.getActivity(Context, int, Intent, int)
  • 48. Intent Filters
      • Activity Manager matches intents against Intent Filters
        <receiver android:name="BootCompletedReceiver">
            <intent-filter>
                <action android:name="android.intent.action.BOOT_COMPLETED"/>
            </intent-filter>
        </receiver>
      • Activity with Intent Filter enabled becomes “exported”
      • Activity with “android:exported=true” can be started with any intent
      • Intent Filters cannot be secured with permissions
      • Add categories to restrict what intent can be called through
        android.intent.category.BROWSABLE
  • 49. Intent Filters
        <intent-filter>
            <action android:name="android.intent.action.VIEW" />
            <action android:name="android.intent.action.EDIT" />
            <action android:name="android.intent.action.PICK" />
            <category android:name="android.intent.category.DEFAULT" />
            <data android:mimeType="vnd.android.cursor.dir/vnd.google.note" />
        </intent-filter>
  • 50. AndroidManifest.xml: Turn debugging off. www.wpclipart.com
  • 53. AndroidManifest.xml: Define access rules. ctmls.ctreal.com
  • 54. AndroidManifest.xml: Backup and storage decisions. en.wikipedia.org
  • 55. External Storage
      • Starting API 8 (Android 2.2) APKs can be stored on external devices
          – APK is stored in encrypted container called asec file
          – Key is randomly generated and stored on device
          – Dex files, private data, native shared libraries still reside on internal memory
          – External devices are mounted with “noexec”
      • VFAT does not support Linux access control
      • Sensitive data should be encrypted before storing
  • 56. Application Signature
      • Applications are self-signed; no CA required
      • Signatures define persistence
          – Detect if the application has changed
          – Application update
      • Signatures define authorship
          – Establish trust between applications
          – Run in same Linux ID
  • 57. Application Upgrade
      • Applications can register for auto-updates
      • Applications should have the same signature
      • No additional permissions should be added
      • Install location is preserved
  • 58. System Packages
      • Come bundled with ROM
      • Have signatureOrSystem Permission
      • Cannot be uninstalled
      • /system/app
  • 59. Summary
      • Linux process sandbox
      • Permission based component interaction
      • Permission labels defined in AndroidManifest.xml
      • Applications need to be signed
      • Signatures define persistence and authorship
      • Install time security decisions
  • 60. battlehack.org: Berlin, New York, Tel Aviv, Seattle, Miami, Moscow, Austin, London, Barcelona, Washington DC
  • 61. Thank You! developer@paypal.com @PayPalDev @pragatiogal http://www.slideshare.net/pragatiogal
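
The manifest rules from slides 31, 33, 48 and 50 to 54 can be checked mechanically. The following is an added example, not code from the slides or from any Android tool: a Python audit of a decoded, plain-text AndroidManifest.xml that flags debugging left on, backup left enabled, components exported (explicitly or through an intent filter) with no permission, and exported components guarded only by an app-defined permission below signature level. The sample manifest, the function names and the finding labels are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
COMPONENTS = ("activity", "service", "receiver", "provider")

# Constructed sample manifest for this example (not taken from the slides).
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.android.book">
  <permission android:name="com.example.android.book.READ_BOOKSTORE"
      android:protectionLevel="dangerous" />
  <permission android:name="com.example.android.book.WRITE_BOOKSTORE"
      android:protectionLevel="signature" />
  <application android:debuggable="true" android:allowBackup="true">
    <activity android:name=".MainActivity">
      <intent-filter>
        <action android:name="android.intent.action.MAIN" />
        <category android:name="android.intent.category.LAUNCHER" />
      </intent-filter>
    </activity>
    <activity android:name=".EditActivity">
      <intent-filter><action android:name="android.intent.action.EDIT" /></intent-filter>
    </activity>
    <service android:name=".SyncService" android:exported="true"
        android:permission="com.example.android.book.WRITE_BOOKSTORE" />
    <receiver android:name=".BootCompletedReceiver" android:exported="false">
      <intent-filter><action android:name="android.intent.action.BOOT_COMPLETED" /></intent-filter>
    </receiver>
    <provider android:name=".BookProvider" android:exported="true"
        android:authorities="com.example.android.book"
        android:readPermission="com.example.android.book.READ_BOOKSTORE" />
  </application>
</manifest>"""


def attr(elem, name, default=None):
    """Read an android:-namespaced attribute."""
    return elem.get(ANDROID + name, default)


def is_exported(comp):
    """Explicit android:exported wins; otherwise an intent filter exports."""
    explicit = attr(comp, "exported")
    if explicit is not None:
        return explicit == "true"
    return comp.find("intent-filter") is not None


def is_launcher(comp):
    """The launcher entry point has to stay reachable, so it is not flagged."""
    return any(attr(c, "name") == "android.intent.category.LAUNCHER"
               for c in comp.iter("category"))


def audit(manifest_xml):
    """Return (component, finding) pairs for a decoded, plain-text manifest."""
    root = ET.fromstring(manifest_xml)
    app = root.find("application")
    levels = {attr(p, "name"): attr(p, "protectionLevel", "normal")
              for p in root.findall("permission")}
    findings = []
    if attr(app, "debuggable") == "true":
        findings.append(("application", "debuggable"))
    if attr(app, "allowBackup", "true") == "true":  # platform default is true
        findings.append(("application", "allowBackup"))
    for comp in app:
        if comp.tag not in COMPONENTS or not is_exported(comp) or is_launcher(comp):
            continue
        # A component-level permission overrides the application-level one.
        perms = [attr(comp, k)
                 for k in ("permission", "readPermission", "writePermission")]
        perms = [p for p in perms if p] or [p for p in [attr(app, "permission")] if p]
        if not perms:
            findings.append((attr(comp, "name"), "exported-without-permission"))
        for p in perms:
            # App-defined permissions below signature level can be requested by any app.
            if p in levels and not levels[p].startswith("signature"):
                findings.append((attr(comp, "name"), "guarded-by-%s-permission" % levels[p]))
    return findings
```

Calling `audit(SAMPLE_MANIFEST)` returns the four findings for the constructed manifest; a binary manifest pulled from an APK has to be decoded to text XML before it can be parsed this way.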