Droidcon secureyourapp fighttheleaks-samsung

452 views
404 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
452
On SlideShare
0
From Embeds
0
Number of Embeds
130
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Droidcon secureyourapp fighttheleaks-samsung

  1. 1. SECURE YOUR APP FIGHT THE LEAKS! DROIDCON PARIS 2013
  2. 2. EYAL LEZMY Slides http://bit.ly/droidcon-sec http://eyal.fr ANDROID PRESALES ENGINEER, SAMSUNG B2B TREASURER AT PARIS ANDROID USER GROUP ANDROID GOOGLE DEVELOPER EXPERT
  3. 3. DON'T LET HIM DOWN THE USER TRUSTS YOU Company
  4. 4. Copyright © 1995-2012 SAMSUNG All rights reserved APPS HAVE TO RESPECT THE DATA Different ways to unintentionally grant other apps access to the data inside your application : Exporting an unprotected component Storing personal data in a world readable file Logging personal data in logcat logs
  5. 5. Copyright © 1995-2012 SAMSUNG All rights reserved It declares accessible app components Activity, Service, Receive,... Adding <intent-filter> => your element is exported by default CHECK YOUR ANDROIDMANIFEST.XML ContentProvider is always exported by default, until android:targetSdkVersion="17"
  6. 6. Copyright © 1995-2012 SAMSUNG All rights reserved Don't export app components unless you want to share their content with other applications <application android:label="@string/app_name"> … <service android:name=".ServiceExample“ android:exported="false"> <intent-filter> … </intent-filter> </service> … </application> What is your legitimity to expose data? CHECK YOUR ANDROIDMANIFEST.XML
  7. 7. Copyright © 1995-2012 SAMSUNG All rights reserved There are different permission protection levels: normal Lower risk permission dangerous Higher risk, access to user private data, potential negative impact signature Needs the same certificate signature PERMISIONS
  8. 8. Copyright © 1995-2012 SAMSUNG All rights reserved Lets look at the code: <permission android:name="com.example.EXAMPLE_PERM“ android:label="@string/example_perm_l“ android:description="@string/example_perm_d“ android:icon="@drawable/example_perm_i“ android:protectionLevel="signature" /> ... <service android:name=".ServiceExample“ android:permission="com.example.EXAMPLE_PERM"> <intent-filter>...</intent-filter> </service> PERMISIONS
  9. 9. Copyright © 1995-2012 SAMSUNG All rights reserved Don't be the weakest link private boolean checkPermission(Context context) { String permission = "com.example.EXAMPLE_PERM"; int res = context.checkCallingPermission(permission); return (res == PackageManager.PERMISSION_GRANTED); } PERMISIONS Always check the permission of a caller if you use your permission
  10. 10. Copyright © 1995-2012 SAMSUNG All rights reserved DISABLE USELESS ACTIVITIES Fit your components lifecycle to your application's lifecycle If before configuration (login, account creation, ...) a service or activity is not useful, disable it If your application handles common implicit Intent's actions like ACTION_VIEW or ACTION_SEND consider disabling it by default
  11. 11. Copyright © 1995-2012 SAMSUNG All rights reserved PackageManager.setComponentEnabledSetting(componentName, newState, flags); DISABLE USELESS ACTIVITIES <activity android:name="com.example.Activity" android:label="@string/app_name" android:enabled="false"> </activity> Disabled: Enabled:
  12. 12. Copyright © 1995-2012 SAMSUNG All rights reserved STORING DATA WISELY Protect personal data using MODE_PRIVATE for data files, shared preferences, and databases: openFileOutput() openSharedPreferences() openOrCreateDatabase() External storage (sdcard) is shared storage
  13. 13. Copyright © 1995-2012 SAMSUNG All rights reserved PLEASE... SHUT THE FUCK UP! public static final boolean SHOW_LOG = BuildConfig.DEBUG; public static void d(final String tag, final String msg) { if (SHOW_LOG) Log.d(tag, msg); } Don't expose data through logcat on production Detect the build mode with BuildConfig.DEBUG Be careful about this subject and test it during QA
  14. 14. Copyright © 1995-2012 SAMSUNG All rights reserved PROTECTING APP FROM USERS No more android:debuggable on the manifest Don't leave this enabled in release code! ADT 8.0+ do it for you automatically
  15. 15. Copyright © 1995-2012 SAMSUNG All rights reserved $ adb shell shell@android:/ $ run-as com.android.example sh shell@android:/data/data/com.android.example $ id uid=10060(app_60) gid=10060(app_60) shell@android:/data/data/com.android.example $ ls files/secret_data.txt shell@android:/data/data/com.android.example $ cat files/secret_data.txt PROTECTING APP FROM USERS
  16. 16. IT'S NOT JUST ABOUT YOUR APP INSECURE NETWORK LOST OR STOLEN DEVICES
  17. 17. Copyright © 1995-2012 SAMSUNG All rights reserved Free certified SSL: https://www.startssl.com/ USE SAFE NETWORKING HTTPS and SSL can protect against Man in the Middle attacks and prevent casual snooping Server certificate validity must be correctly checked "15% of apps have weak or bad SSL implementation on the Play Store"
  18. 18. Copyright © 1995-2012 SAMSUNG All rights reserved ...but it may help discouraging curious. Use a peer-reviewed library like KeyCzar Take care of the key : Create it at first start, with true random Or grab a user key from your server Or ask the user for a passphrase you won't store DATA ENCRYPTION DOESN'T SOLVE ALL PROBLEMS
  19. 19. Copyright © 1995-2012 SAMSUNG All rights reserved On a corporate environment, device administration can be considered Password management Device encryption Disable camera Lock the device Remote wipe DEVICE ADMINISTRATION
  20. 20. Copyright © 1995-2012 SAMSUNG All rights reserved BEHIND THE STAGE The APK's content is always world readable, take care about what you put inside Sensitive files should be kept out of the APK Java is open source, your code too Using Proguard takes a single line of code Or... Dex encryption AAPT modified Logic on server
  21. 21. IT'S NOT JUST ABOUT SECURITY THINK ABOUT POLITICS...
  22. 22. Copyright © 1995-2012 SAMSUNG All rights reserved THE SECURITY PARADOX
  23. 23. Copyright © 1995-2012 SAMSUNG All rights reserved "The more secure you make something, the less secure it becomes" Level the security following the user acceptance or... Users will find workarounds Users won't use your service NEVER FORGET THE USER, NEVAAAAA!
  24. 24. Copyright © 1995-2012 SAMSUNG All rights reserved REFERENCES Google I/O 2012 Sessions Android Developpers Live Youtube channel Android Developement Android Developement: Using Cryptography The Commons Blog InformationWeek: Security Paradox ThreatPost: SLL implementation on Android apps StartSSL Free certificates
  25. 25. SAMSUNG SMART APP CHALLENGE 2013 SAMSUNG SMART APP CHALLENGE 2013 A Global app challenge Apps for the Galaxy S4 Use of Samsung Chord SDK Apply June 20 - August 31 www.smartappchallenge.com $800,000 for 10 winners
  26. 26. SAMSUNG DEVELOPERS SDKs and Documentation http://developer.samsung.com Samsung Chord SDK Bluetooth Low Energy SDK Remote Test Lab Test your applications on real devices through the internet Free 24H 365 Days S Pen & Multi Window SDK AllShare Framework Real Device, NOT emulator Multiple Devices
  27. 27. THANK YOU! Slides http://bit.ly/droidcon-sec http://eyal.fr

×