About Me
2000 AT&T Wireless: OODB/CORBA

2001 Cellvic (JTEL): CellvicOS/JVM

2003 Samsung: JVM for DTV/SimpleJIT

2007 Aromasoft: JVM for Mobile/JIT Optimization/Dalvik

2011 GE Korea: Smart appliance/Linux

2012 SK Planet: Android/T-Store ARM/Security
   – jungpil.@sk.com or lifeisliving@naver.com
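• Personal information leaks out over the Internet

• An app uses the Internet without permission

• An app performs actions(?) it was not permitted to perform

• An app roots the device by itself

• An app modifies its own code

• An app modifies Dalvik VM information

• An Android app runs a VM other than the Dalvik VM
• A device with 500 million units sold and 1.3 million
  activated per day?
• A Java platform?
   – The first device in history with Java as its standard
     development language? RIM? NDK?
• A forked Linux?
   – Why Linux?
      • Andy Rubin: was an Apple employee
      • Because there was no alternative?
   – The best-selling Linux device in history?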
• Linux: Open Source
   – ‘mkdir android ; cd android ; repo init -u
     git://android.git.kernel.org/platform/manifest.git ; repo sync ;
     make’

• Java: easy to learn, many developers
   – but an easy language for reverse-engineering
       • dex2jar, APKTool, JD-GUI, APKInspector, Smali, Dedexer, ...

• A perfect couple!!!
• Just a linux application
   – following Google guides
• Linux Process

• Dalvik VM

• Bionic

• JNI

• Is that all???
   – Missing something…

   – PackageManager, ActivityManager, ...
• Java?

• No more on Android!!!
• Dalvik VM is not a security boundary!!!
   – But Linux Process
• Linux UID/Group ID:
   – a unique id based on its signature assigned when it starts

• Linux DAC: all or nothing
   – old style

   – root can do everything

   – RWX
• Permission
     – Needs to be declared in AndroidManifest.xml

• Binder

• Kernel Enforcement
     – group ID
            <permission name="android.permission.INTERNET" >
                <group gid="inet" />
            </permission>
     – Patch
            • Internet
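
The chain on this slide (a permission declared in AndroidManifest.xml, mapped to a Linux group, checked by the kernel) can be traced offline. The following is an added example, not code from the slides or from AOSP: the XML samples are constructed, the numeric gids are assumed values for the named groups, and kernel_allows_inet_socket is a simplified model of the kernel's group check.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Assumed numeric ids for the named groups (illustrative values).
GROUP_IDS = {"inet": 3003, "sdcard_rw": 1015}

# Constructed sample in the same format as the <permission>/<group> entry on the slide.
PLATFORM_XML = """
<permissions>
    <permission name="android.permission.INTERNET">
        <group gid="inet" />
    </permission>
    <permission name="android.permission.WRITE_EXTERNAL_STORAGE">
        <group gid="sdcard_rw" />
    </permission>
</permissions>
"""

# Constructed manifests: one app asks for INTERNET, the other does not.
MANIFEST_ONLINE = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.online">
    <uses-permission android:name="android.permission.INTERNET" />
    <uses-permission android:name="android.permission.VIBRATE" />
</manifest>
"""
MANIFEST_OFFLINE = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.offline">
    <uses-permission android:name="android.permission.VIBRATE" />
</manifest>
"""


def load_permission_groups(platform_xml):
    """Return {permission name: [group names]} from the platform mapping."""
    root = ET.fromstring(platform_xml.strip())
    return {p.get("name"): [g.get("gid") for g in p.findall("group")]
            for p in root.iter("permission")}


def requested_permissions(manifest_xml):
    """Return the set of permissions declared with <uses-permission>."""
    root = ET.fromstring(manifest_xml.strip())
    return {e.get(ANDROID_NS + "name") for e in root.iter("uses-permission")}


def audit(manifest_xml, platform_xml):
    """Split requested permissions into kernel-enforced (gid) and framework-only."""
    groups = load_permission_groups(platform_xml)
    gids, kernel, framework = set(), set(), set()
    for perm in requested_permissions(manifest_xml):
        names = groups.get(perm, [])
        if names:
            kernel.add(perm)
            gids.update(GROUP_IDS[n] for n in names)
        else:
            # No gid mapping: the check happens in the framework, not the kernel.
            framework.add(perm)
    return {"gids": gids, "kernel_enforced": kernel, "framework_only": framework}


def kernel_allows_inet_socket(process_gids):
    """Simplified model: socket creation succeeds only for members of 'inet'."""
    return GROUP_IDS["inet"] in process_gids


if __name__ == "__main__":
    for name, manifest in (("online", MANIFEST_ONLINE), ("offline", MANIFEST_OFFLINE)):
        result = audit(manifest, PLATFORM_XML)
        print(name, sorted(result["gids"]), kernel_allows_inet_socket(result["gids"]))
```
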
• You can do everything in your process
• You can use Reflection/JNI
   – To call hidden/private methods
   – To get/set private fields
• But High return, High risk!!!
   ex) Unity3D: Using Mono VM
Version                    Release date         API level  Distribution (September 4, 2012)

4.1.x Jelly Bean           July 9, 2012         16         1.2%
4.0.x Ice Cream Sandwich   October 19, 2011     14-15      20.9%
3.x.x Honeycomb            February 22, 2011    11-13      2.1%
2.3.x Gingerbread          December 6, 2010     9-10       57.5%
2.2 Froyo                  May 20, 2010         8          14%
2.0, 2.1 Eclair            October 26, 2009     7          3.7%
1.6 Donut                  September 15, 2009   4          0.4%
1.5 Cupcake                April 30, 2009       3          0.2%
• NX bit(No eXecute):
   – to prevent code execution on heap and stack(2.3+)

• Prelink: Used to speed up boot process
   – removed to prevent return-to-libc attacks(4.0+)

• Address Space Layout Randomization(4.0+)
   – randomize key locations in memory

• PIE (Position Independent Executable)
   – supported (4.1+)
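
Whether a native binary actually carries two of these mitigations can be read from its ELF headers: a PIE executable has e_type ET_DYN, and a non-executable stack is marked by a PT_GNU_STACK program header without the execute flag. The checker below is an added example, not part of the slides; the sample binaries are constructed in memory by the hypothetical helper build_sample_elf32, and a missing PT_GNU_STACK header is conservatively reported as no NX stack.

```python
import struct

ET_EXEC, ET_DYN = 2, 3
PT_GNU_STACK = 0x6474E551
PF_X, PF_W, PF_R = 1, 2, 4

# EI_CLASS -> (ELF header format, program header format, index of p_flags)
LAYOUTS = {
    1: ("<16sHHIIIIIHHHHHH", "<8I", 6),        # ELF32 (e.g. 32-bit ARM)
    2: ("<16sHHIQQQIHHHHHH", "<IIQQQQQQ", 1),  # ELF64
}


def check_hardening(data):
    """Return {'pie': bool, 'nx_stack': bool} for a little-endian ELF image."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    if len(data) < 6 or data[4] not in LAYOUTS or data[5] != 1:
        raise ValueError("unsupported ELF class or byte order")
    ehdr_fmt, phdr_fmt, flags_idx = LAYOUTS[data[4]]
    try:
        ehdr = struct.unpack_from(ehdr_fmt, data, 0)
        e_type, e_phoff, e_phentsize, e_phnum = ehdr[1], ehdr[5], ehdr[9], ehdr[10]
        stack_flags = None
        for i in range(e_phnum):
            phdr = struct.unpack_from(phdr_fmt, data, e_phoff + i * e_phentsize)
            if phdr[0] == PT_GNU_STACK:
                stack_flags = phdr[flags_idx]
    except struct.error as exc:
        raise ValueError("truncated ELF file") from exc
    return {
        # ET_DYN is also the type of shared libraries; for an executable it means PIE.
        "pie": e_type == ET_DYN,
        # No PT_GNU_STACK header at all is treated as "not protected".
        "nx_stack": stack_flags is not None and not (stack_flags & PF_X),
    }


def build_sample_elf32(e_type, stack_flags):
    """Construct a minimal ELF32 image (header plus optional PT_GNU_STACK)."""
    phdrs = b""
    if stack_flags is not None:
        phdrs = struct.pack("<8I", PT_GNU_STACK, 0, 0, 0, 0, 0, stack_flags, 0)
    ident = b"\x7fELF" + bytes([1, 1, 1]) + bytes(9)  # ELF32, little-endian
    ehdr = struct.pack("<16sHHIIIIIHHHHHH", ident, e_type, 40, 1, 0, 52, 0, 0,
                       52, 32, 1 if phdrs else 0, 0, 0, 0)
    return ehdr + phdrs


if __name__ == "__main__":
    samples = {
        "pie + nx": build_sample_elf32(ET_DYN, PF_R | PF_W),
        "fixed address, exec stack": build_sample_elf32(ET_EXEC, PF_R | PF_W | PF_X),
        "no stack marking": build_sample_elf32(ET_EXEC, None),
    }
    for label, image in samples.items():
        print(label, check_hardening(image))
```
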
• FileSystem Encryption
  – 3.0+ provides full filesystem encryption. 128-bit AES
    key derived from user password

• Credential Storage
  – 1.6+: restricted to system use only

  – 4.0+: provides a public API
• 1st. Protected APK
    – /data/app: apk without code

    – /data/app-private: protected by filesystem

• 2nd. License Verification Library(LVL)
    – Google: 2010/7

    – Amazon: DRM, T-Store:ARM

• 3rd. Encrypted APK
    – Jelly Bean

    – Temporarily closed… but
• ODEX File: optimized dex file

[Diagram labels: Storage (dex file, odex file), Dalvik Virtual Machine (JIT Compiler), (reuse), decompile, hijacking]
• 4.0+ provides a raw dex loading API
   – Without ODEX!!!
• Applying SELinux in Android by NSA

• Linux Security Modules
   – Standard Linux Security (Hooking) Framework from v2.6
   – task management (creation, signaling, waiting), program loading (execve), file system management (superblock, inode, and file hooks), IPC (message queues, shared memory, and semaphore operations), module hooks (insertion and removal), and network hooks (covering sockets, netlink, network devices, and other protocol interfaces) (security.h)
• 2012/1: added to the AOSP master branch (HAVE_SELINUX)

     – in external/libselinux and external/sepolicy

     – in core/java and core/jni

         • SELinux.java, AndroidRuntime.cpp, android_os_SELinux.cpp

• Slow, incremental rollout expected
     – permissive mode, not enforcing mode

     – Android 5.0?

• Need to consider it!
• ARM’s HW solution

• Virtualized processors on an ARM chip

• Secure World can read Normal World
   – But Normal World can’t read Secure World

• Already on Galaxy S3!!!
• Use Obfuscator

• Use Native Code

• Keep data on your server

• Sorry, Find your own solutions!
   – 2011 Google I/O Evading Pirates and Stopping Vampires using License
     Verification Library, In-App Billing, and App Engine

   – 2012.4 Code Obfuscation for the Amazon In-App
• Even though Android has many security problems, it is now an
  open, de facto platform

• It's getting better, but you need to protect your data/code in
  your own way

• Its openness and flexibility could give creative developers
  some opportunities

• T-Store promises to help you soon!
History of Android Security – from linux to jelly bean