• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Droidcon secureyourapp fighttheleaks-samsung
 

Droidcon secureyourapp fighttheleaks-samsung

on

  • 404 views

 

Statistics

Views

Total Views
404
Views on SlideShare
283
Embed Views
121

Actions

Likes
0
Downloads
1
Comments
0

2 Embeds 121

http://fr.droidcon.com 71
http://www.wipconnector.com 50

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Droidcon secureyourapp fighttheleaks-samsung Droidcon secureyourapp fighttheleaks-samsung Presentation Transcript

    • SECURE YOUR APP FIGHT THE LEAKS! DROIDCON PARIS 2013
    • EYAL LEZMY Slides http://bit.ly/droidcon-sec http://eyal.fr ANDROID PRESALES ENGINEER, SAMSUNG B2B TREASURER AT PARIS ANDROID USER GROUP ANDROID GOOGLE DEVELOPER EXPERT
    • DON'T LET HIM DOWN THE USER TRUSTS YOU Company
    • Copyright © 1995-2012 SAMSUNG All rights reserved APPS HAVE TO RESPECT THE DATA Different ways to unintentionally grant other apps access to the data inside your application : Exporting an unprotected component Storing personal data in a world readable file Logging personal data in logcat logs
    • Copyright © 1995-2012 SAMSUNG All rights reserved It declares accessible app components Activity, Service, Receive,... Adding <intent-filter> => your element is exported by default CHECK YOUR ANDROIDMANIFEST.XML ContentProvider is always exported by default, until android:targetSdkVersion="17"
    • Copyright © 1995-2012 SAMSUNG All rights reserved Don't export app components unless you want to share their content with other applications <application android:label="@string/app_name"> … <service android:name=".ServiceExample“ android:exported="false"> <intent-filter> … </intent-filter> </service> … </application> What is your legitimity to expose data? CHECK YOUR ANDROIDMANIFEST.XML
    • Copyright © 1995-2012 SAMSUNG All rights reserved There are different permission protection levels: normal Lower risk permission dangerous Higher risk, access to user private data, potential negative impact signature Needs the same certificate signature PERMISIONS
    • Copyright © 1995-2012 SAMSUNG All rights reserved Lets look at the code: <permission android:name="com.example.EXAMPLE_PERM“ android:label="@string/example_perm_l“ android:description="@string/example_perm_d“ android:icon="@drawable/example_perm_i“ android:protectionLevel="signature" /> ... <service android:name=".ServiceExample“ android:permission="com.example.EXAMPLE_PERM"> <intent-filter>...</intent-filter> </service> PERMISIONS
    • Copyright © 1995-2012 SAMSUNG All rights reserved Don't be the weakest link private boolean checkPermission(Context context) { String permission = "com.example.EXAMPLE_PERM"; int res = context.checkCallingPermission(permission); return (res == PackageManager.PERMISSION_GRANTED); } PERMISIONS Always check the permission of a caller if you use your permission
    • Copyright © 1995-2012 SAMSUNG All rights reserved DISABLE USELESS ACTIVITIES Fit your components lifecycle to your application's lifecycle If before configuration (login, account creation, ...) a service or activity is not useful, disable it If your application handles common implicit Intent's actions like ACTION_VIEW or ACTION_SEND consider disabling it by default
    • Copyright © 1995-2012 SAMSUNG All rights reserved PackageManager.setComponentEnabledSetting(componentName, newState, flags); DISABLE USELESS ACTIVITIES <activity android:name="com.example.Activity" android:label="@string/app_name" android:enabled="false"> </activity> Disabled: Enabled:
    • Copyright © 1995-2012 SAMSUNG All rights reserved STORING DATA WISELY Protect personal data using MODE_PRIVATE for data files, shared preferences, and databases: openFileOutput() openSharedPreferences() openOrCreateDatabase() External storage (sdcard) is shared storage
    • Copyright © 1995-2012 SAMSUNG All rights reserved PLEASE... SHUT THE FUCK UP! public static final boolean SHOW_LOG = BuildConfig.DEBUG; public static void d(final String tag, final String msg) { if (SHOW_LOG) Log.d(tag, msg); } Don't expose data through logcat on production Detect the build mode with BuildConfig.DEBUG Be careful about this subject and test it during QA
    • Copyright © 1995-2012 SAMSUNG All rights reserved PROTECTING APP FROM USERS No more android:debuggable on the manifest Don't leave this enabled in release code! ADT 8.0+ do it for you automatically
    • Copyright © 1995-2012 SAMSUNG All rights reserved $ adb shell shell@android:/ $ run-as com.android.example sh shell@android:/data/data/com.android.example $ id uid=10060(app_60) gid=10060(app_60) shell@android:/data/data/com.android.example $ ls files/secret_data.txt shell@android:/data/data/com.android.example $ cat files/secret_data.txt PROTECTING APP FROM USERS
    • IT'S NOT JUST ABOUT YOUR APP INSECURE NETWORK LOST OR STOLEN DEVICES
    • Copyright © 1995-2012 SAMSUNG All rights reserved Free certified SSL: https://www.startssl.com/ USE SAFE NETWORKING HTTPS and SSL can protect against Man in the Middle attacks and prevent casual snooping Server certificate validity must be correctly checked "15% of apps have weak or bad SSL implementation on the Play Store"
    • Copyright © 1995-2012 SAMSUNG All rights reserved ...but it may help discouraging curious. Use a peer-reviewed library like KeyCzar Take care of the key : Create it at first start, with true random Or grab a user key from your server Or ask the user for a passphrase you won't store DATA ENCRYPTION DOESN'T SOLVE ALL PROBLEMS
    • Copyright © 1995-2012 SAMSUNG All rights reserved On a corporate environment, device administration can be considered Password management Device encryption Disable camera Lock the device Remote wipe DEVICE ADMINISTRATION
    • Copyright © 1995-2012 SAMSUNG All rights reserved BEHIND THE STAGE The APK's content is always world readable, take care about what you put inside Sensitive files should be kept out of the APK Java is open source, your code too Using Proguard takes a single line of code Or... Dex encryption AAPT modified Logic on server
    • IT'S NOT JUST ABOUT SECURITY THINK ABOUT POLITICS...
    • Copyright © 1995-2012 SAMSUNG All rights reserved THE SECURITY PARADOX
    • Copyright © 1995-2012 SAMSUNG All rights reserved "The more secure you make something, the less secure it becomes" Level the security following the user acceptance or... Users will find workarounds Users won't use your service NEVER FORGET THE USER, NEVAAAAA!
    • Copyright © 1995-2012 SAMSUNG All rights reserved REFERENCES Google I/O 2012 Sessions Android Developpers Live Youtube channel Android Developement Android Developement: Using Cryptography The Commons Blog InformationWeek: Security Paradox ThreatPost: SLL implementation on Android apps StartSSL Free certificates
    • SAMSUNG SMART APP CHALLENGE 2013 SAMSUNG SMART APP CHALLENGE 2013 A Global app challenge Apps for the Galaxy S4 Use of Samsung Chord SDK Apply June 20 - August 31 www.smartappchallenge.com $800,000 for 10 winners
    • SAMSUNG DEVELOPERS SDKs and Documentation http://developer.samsung.com Samsung Chord SDK Bluetooth Low Energy SDK Remote Test Lab Test your applications on real devices through the internet Free 24H 365 Days S Pen & Multi Window SDK AllShare Framework Real Device, NOT emulator Multiple Devices
    • THANK YOU! Slides http://bit.ly/droidcon-sec http://eyal.fr