The document provides a brief history of the author's career working with various mobile technologies from 2000-2012, including AT&T Wireless, Samsung, and SK Planet. It mentions working with technologies like OODB, CORBA, JVM, Android, and security. The author's contact information is provided at the end for further questions.

2. About

3. Me

4.
2000

5. ATT

6. Wireless:

7. OODB/CORBA

8.
2001Cellvic(JTEL):

9. CellvicOS/JVM

10.
2003

11. Samsung:

12. JVM

13. for

14. DTV/SimpleJIT

15.
2007

16. Aromasoft:

17. JVM

18. for

19. Mobile/JIT

20. Optimization/Dalvik

21.
2011

22. GE

23. korea:

24. Smart

25. appliance/Linux

26.
2012

27. SK플래닛:

28. Android/T-Store

29. ARM/Security

30.
– jungpil.@sk.com

31. 또는

32. lifeisliving@naver.com

36. • 개인정보가

37. 인터넷으로

38. 빠져나간다

39.
• 앱이

40. 허락받지

41. 않은

42. 인터넷을

43. 사용한다

44.
• 앱이

45. 허락받지

46. 않은

47. 동작(?)을

48. 한다

49.
• 앱이

50. 스스로

51. 루팅을

52. 한다

53.
• 앱이

54. 코드를

55. 스스로

56. 변경한다

57.
• 앱이

58. Dalvik

59. VM의

60. 정보를

61. 변경한다

62.
• 안드로이드앱이

63. Dalvik

64. VM이

65. 아닌

66. 다른

67. VM을

68. 실행시킨다

71. • 5억대

72. 판매된,

73. 하루에

74. 130만대씩

75.
개통되는

76. 단말?

77.
• A

78. Java

79. platform?

80.
– 역사상

81. 자바가

82. 표준

83. 개발언어인

84. 첫번
째

85. 디바이스?

86. RIM?

87. NDK?

88.
• A

89. forked

90. Linux?

91.
– Why

92. linux?

93.
• Andy

94. Rubin:

95. was

96. a

97. Apple

98. Employee

99.
• 대안이

100. 없어서?

101.
– 역사상

102. 가장

103. 많이

104. 팔린

105. linux

106. device?

108. • Linux:

109. Open

110. Source

111.
– ‘mkdir

112. android

113. ;

114. cd

115. android

116. ;

117. repo

118. init

119. -u

120. git://android.git.kern
el.org/platform/manifest.git

121. ;

122. repo

123. sync

124. ;

125. make’

126.
• Java:

127. easy

128. to

129. learn,

130. many

131. developers

132.
– but

133. an

134. easy

135. language

136. for

137. reverse-enigneering

138.
• dex2jar,

139. APKTool,

140. JD-GUI,

141. APKInspector,

142. Smali,

143. Dedexer,,,

144.
• 환상의

145. 커플!!!

147. • Just

148. a

149. linux

150. application

151.
– following

152. Google

153. guides

155. • Linux

156. Process

157.
• Dalvik

158. VM

159.
• Bionic

160.
• JNI

161.
• Is

162. that

163. all???

164.
– Missing

165. something…⋯

166.
– PackageManager,

167. ActivityManager,,,

169. • Java?

170.
• No

171. more

172. on

173. Android!!!

174.
• Dalvik

175. VM

176. is

177. not

178. a

179. security

180. boundary!!!

181.
– But

182. Linux

183. Process

185. • Linux

186. UID/Group

187. ID:

189.
– a

190. unique

191. id

192. based

193. on

194. its

195. signature

196. assigned

197. when

198. it

199. starts

200.
• Linux

201. DAC:

202. all

203. or

204. nothing

205.
– old

206. style

207.
– root

208. can

209. do

210. everything

211.
– RWX

213. • Permission

214.
– Need

215. to

216. be

217. described

218. on

219.
AndroidMeanifest.xml

220.
• Binder

221.
• Kernel

222. Enforcement

223.
– group

224. ID

225.
permission
name=android.permission.INTERNET
•

227.
group
gid=inet
/
/permission

228.
– Patch

229.
• Internet

231. • You

232. can

233. do

234. everything

235. in

236. your

237. process

238.
• You

239. can

240. use

241. Reflection/JNI

242.
– To

243. call

244. hidden/private

245. methods

246.
– To

247. get/set

248. private

249. fields

250.
• But

251. High

252. return,

253. High

254. risk!!!

255.
ex)

256. Unity3D:

257. Using

258. Mono

259. VM

262. Distribution

263. (Se
Version

264. Release

265. date

266. API

267. level

268. ptember

269. 4,

270. 20
12)

271.
4.1.x

272. Jelly

273. Bean

274. July

275. 9,

276. 2012

277. 16

278. 1.2%

279.
4.0.x

280. Ice

281. Cream

282. Sandwich

283. October

284. 19,

285. 2011

286. 14-15

287. 20.9%

288.
3.x.x

289. Honeycomb

290. February

291. 22,

292. 2011

293. 11-13

294. 2.1%

295.
2.3.x

296. Gingerbread

297. December

298. 6,

299. 2010

300. 9-10

301. 57.5%

302.
2.2

303. Froyo

304. May

305. 20,

306. 2010

307. 8

308. 14%

309.
2.0,

310. 2.1

311. Eclair

312. October

313. 26,

314. 2009

315. 7

316. 3.7%

317.
1.6

318. Donut

319. September

320. 15,

321. 2009

322. 4

323. 0.4%

324.
1.5

325. Cupcake

326. April

327. 30,

328. 2009

329. 3

330. 0.2%

332. • NX

333. bit(No

334. eXecute):

336.
– to

337. prevent

338. code

339. execution

340. on

341. heap

342. and

343. stack(2.3+)

344.
• Prelink:

345. Used

346. to

347. speed

348. up

349. boot

350. process

351.
– removed

352. to

353. prevent

354. return-to-libc

355. attacks(4.0+)

356.
• Address

357. Space

358. Layout

359. Randomization(4.0+)

360.
– randomize

361. key

362. locations

363. in

364. memory

365.
• PIE

366. (Position

367. Independent

368. Executable)

370.
– supports

371. (4.1+)

373. • FileSystem

374. Encryption

375.
– 3.0+

376. provides

377. full

378. filesystem

379. encryption.

380. 128bit

381. AES

382. key

383. derived

384. from

385. user

386. password

387.
• Credential

388. Storage

390.
– 1.6+

391. restricted

392. for

393. only

394. system

395.
– 4.0+

396. provides

397. public

398. API

400. • 1st.

401. Protected

402. APK

403.
– /data/app:

404. apk

405. without

406. code

407.
– /data/app-private:

408. protected

409. by

410. filesystem

411.
• 2nd.

412. License

413. Verification

414. Library(LVL)

415.
– Google:

416. 2010/7

417.
– Amazon:

418. DRM,

419. T-Store:ARM

420.
• 3rd.

421. Encrypted

422. APK

423.
– Jelly

424. Bean

425.
– Temporary

426. Closed…⋯

427. but

431. • ODEX

432. File:

433. optimized

434. dex

435. file

436.
dex

437. file

438.
Dalvik

439. Virtual

440. Machi
odex

441. file

442. ne

443.
Storage

444. (JIT

445. Compiler)

446.
(reuse)

447.
decompile

449. hijacking

450.
• 4.0+

451. provides

452. a

453. raw

454. dex

455. loading

456. API

458.
– Without

459. ODEX!!!

461. • Applying

462. SELinux

463. in

464. Android

465. by

466. NSA

467.
• Linux

468. Security

469. Modules

470.
– Standard

471. Linux

472. Security

473. (Hooking)

474. Framework

475. from

476. v2.6

477.
task

478. management

479. (creation,

480. signaling,

481. waiting),

482. program

483. loading

484. (execve),

485. file

486. system

487. management

488. (superblo
ck,

489. inode,

490. and

491. filehooks),

492. IPC

493. (message

494. queues,

495. shared

496. memory,

497. and

498. semaphore

499. operations),

500. module

501. hooks

502. (i
nsertion

503. and

504. removal),

505. and

506. network

507. hooks

508. (covering

509. sockets,

510. netlink,

511. network

512. devices,

513. and

514. other

515. protocol

516. inte
rfaces)

517. 

518. security.h

520. • 2012/1

521. AOSP

522. master

523. branch

524. added(HAVE_SELINUX)

525.
– in

526. external/libselinux

527. and

528. external/sepolicy

529.
– in

530. core/java

531. and

532. core/jni

533.
• SELinux.java,

534. AndroidRuntime.cpp,

535. android_os_SELinux.cpp

536.
• Slow

537. and

538. incremental

539. applying

540. expected

541.
– not

542. enforcing

543. mode

544. but

545. permissive

546. mode

547.
– Android

548. 5.0?

549.
• Need

550. to

551. consider

552. it!

554. • ARM’s

555. HW

556. solution

557.
• Virtualized

558. processors

559. on

560. a

561. ARM

562. chip

563.
• Secure

564. World

565. can

566. read

567. Normal

568. World

569.
– But

570. Normal

571. World

572. can’t

573. read

574. Secure

575. World

576.
• Already

577. on

578. Galaxy

579. S3!!!

582. • Use

583. Obfuscator

584.
• Use

585. Native

586. Code

587.
• Keep

588. data

589. on

590. your

591. server

592.
• Sorry,

593. Find

594. your

595. own

596. solutions!

597.
– 2011

598. Google

599. I/O

600. Evading

601. Pirates

602. and

603. Stopping

604. Vampires

605. using

606. License

607. Ve
rification

608. Library,

609. In-App

610. Billing,

611. and

612. App

613. Engine

614.
– 2012.4

615. Code

616. Obfuscation

617. for

618. the

619. Amazon

620. In-App

623.
• Even

624. Android

625. has

626. many

627. security

628. problems,

629. it

630. is

631. an

632. ope
n,

633. de-facto

634. platform

635. now

636.
• It’s

637. getting

638. better

639. but

640. you

641. need

642. to

643. keep

644. your

645. data/cod
e

646. by

647. your

648. own

649. ways

650.
• Its

651. openness

652. and

653. flexibility

654. could

655. give

656. some

657. chances

658. to

659. creative

660. developers

661.
• T-Store

662. promises

663. to

664. help

665. you

666. soon!