6. MobSecCon 20156
Android Containerization
• Protect some work-related assets (data
and network) in a separate “container”
• Examples: App wrappers and SDKs
Android’s user profiles
Samsung’s Knox
• Makes business apps “safe” because
they run inside a “container”
8. MobSecCon 20158
Android Containerization
• Protect work-related assets (data and
network) in a separate “container”
• Examples: App wrappers and SDKs
Android’s user profiles
Samsung’s Knox
• Makes business apps “safe” because
they run inside a “container” does it?
9. MobSecCon 20159
Android Containerization Achilles Heel
• Separates data storage, - and -
• Separates network connections, - but -
• Share service and logic to decide on
each such access per (app) context
• Share single runtime environment
• Share one set of Android services
10. MobSecCon 201510
Case #1: Stagefright, Matroska
• Bunch of flaws in media library
• Malformed input can lead to arbitrary
code execution
• Attack vector via MMS, app, or payload
• Can take over MediaService
11. MobSecCon 201511
Case #1: Stagefright, Matroska
• Bunch of flaws in media library
• Malformed input can lead to arbitrary
code execution
• Attack vector via MMS, app, or payload
• Can take over MediaService
• Containerization helps? NO
• Virtualization helps? YES
12. MobSecCon 201512
Case #2: Fingerprint
• Careless handling of fingerprint images
• Stores unencrypted and world-readable
in a shared-directory
• Attack vector via an app, file browser, or
naughty user
13. MobSecCon 201513
Case #2: Fingerprint
• Careless handling of fingerprint images
• Stores unencrypted and world-readable
in a shared-directory
• Attack vector via an app, file browser, or
naughty user
• Containerization helps? NO
• Virtualization helps? YES
14. MobSecCon 201514
Case #3: De-serialize
• Inspired by de-serialization vulnerability in
ObjectInputStream class (fixed)
• Tricky use of serializable objects with a
sensitive member controlled by attacker
• Can take over system_server
15. MobSecCon 201515
Case #3: De-serialize
• Inspired by de-serialization vulnerability in
ObjectInputStream class (fixed)
• Tricky use of serializable objects with a
sensitive member controlled by attacker
• Can take over system_server
• Containerization helps? NO
• Virtualization helps? YES
16. MobSecCon 201516
Case #4: Hardware channels
• Use covert (side) hardware channels to
steal information of other apps
• Calibrate and then use accelerometer or
gyroscope in background to infer input
17. MobSecCon 201517
Case #4: Hardware channels
• Use covert (side) hardware channels to
steal information of other apps
• Calibrate and then use accelerometer or
gyroscope in background to infer input
• Containerization helps? NO
• Virtualization helps? YES
18. MobSecCon 201518
Case #5: Hardware Abstractions
• Exploit a flaw related to shared hardware
resource, e.g. network interface
• Intercept I/O of other contexts with that
resource, e.g. in-Android MITM attack
19. MobSecCon 201519
Case #5: Hardware Abstractions
• Exploit a flaw related to shared hardware
resource, e.g. network interface
• Intercept I/O of other contexts with that
resource, e.g. in-Android MITM attack
• Containerization helps? NO
• Virtualization helps? YES
20. MobSecCon 201520
Solution: Mobile Virtualization
• Protect all work-related assets in a
separate instance of Android
• Replicate entire Android stack for each
instance, do not share framework
• Makes business apps safe because they
run in a separate runtime environment
21. MobSecCon 201521
Android InstanceAndroid Instance
Android
applications
Android environment:
framework, services
Data
Linux
kernel
Device
hardware
Mobile Virtualization
Android
applications
Android environment:
framework, services
Data
Thinvisor
22. MobSecCon 201522
How Does Virtualization Work?
• Block primary attack vectors in the
business instance
• Securely isolate the business instance
from the personal one
• Multiplex hardware resources between
instances in “foreground” usage model
23. MobSecCon 201523
Mobile Virtualization
“Server virtualization is all about cost saving
Mobile virtualization is all about usability …
while protecting your privacy, securing your
information, increasing your performance,
and catering to your needs.”