History of Android Security – from linux to jelly bean
Download as PPTX, PDF3 likes4,181 views
The document outlines the evolution of Android security and software development from various companies and technologies, including the introduction of the Dalvik VM and Linux-based architecture. It discusses the potential vulnerabilities of Android apps, including unauthorized internet access, self-rooting, and code modification, while also highlighting security enhancements over different Android versions. The text emphasizes the importance of developers taking personal responsibility for data security and code protection amidst the platform's openness and flexibility.
History of Android Security – from linux to jelly bean
- 2. About Me 2000 AT&T Wireless: OODB/CORBA 2001Cellvic(JTEL): CellvicOS/JVM 2003 Samsung: JVM for DTV/SimpleJIT 2007 Aromasoft: JVM for Mobile/JIT Optimization/Dalvik 2011 GE korea: Smart appliance/Linux 2012 SK플래닛: Android/T-Store ARM/Security – jungpil.@sk.com 또는 lifeisliving@naver.com
- 5. • 개인정보가 인터넷으로 빠져나간다 • 앱이 허락받지 않은 인터넷을 사용한다 • 앱이 허락받지 않은 동작(?)을 한다 • 앱이 스스로 루팅을 한다 • 앱이 코드를 스스로 변경한다 • 앱이 Dalvik VM의 정보를 변경한다 • 안드로이드앱이 Dalvik VM이 아닌 다른 VM을 실행시킨다
- 7. • 5억대 판매된, 하루에 130만대씩 개통되는 단말? • A Java platform? – 역사상 자바가 표준 개발언어인 첫 번째 디바이스? RIM? NDK? • A forked Linux? – Why linux? • Andy Rubin: was a Apple Employee • 대안이 없어서? – 역사상 가장 많이 팔린 linux device?
- 8. • Linux: Open Source – ‘mkdir android ; cd android ; repo init -u git://android.git.kernel.org/platform/manifest.git ; repo sync ; make’ • Java: easy to learn, many developers – but an easy language for reverse-enigneering • dex2jar, APKTool, JD-GUI, APKInspector, Smali, Dedexer,,, • 환상의 커플!!!
- 9. • Just a linux application – following Google guides
- 10. • Linux Process • Dalvik VM • Bionic • JNI • Is that all??? – Missing something… – PackageManager, ActivityManager,,,
- 11. • Java? • No more on Android!!! • Dalvik VM is not a security boundary!!! – But Linux Process
- 12. • Linux UID/Group ID: – a unique id based on its signature assigned when it starts • Linux DAC: all or nothing – old style – root can do everything – RWX
- 13. • Permission – Need to be described on AndroidMeanifest.xml • Binder • Kernel Enforcement – group ID <permission name="android.permission.INTERNET" > • <group gid="inet" /> </permission> – Patch • Internet
- 14. • You can do everything in your process • You can use Reflection/JNI – To call hidden/private methods – To get/set private fields • But High return, High risk!!! ex) Unity3D: Using Mono VM
- 16. Distribution (Se API leve Version Release date ptember 4, 201 l 2) 4.1.x Jelly Bean July 9, 2012 16 1.2% 4.0.x Ice Cream Sandwich October 19, 2011 14-15 20.9% 3.x.x Honeycomb February 22, 2011 11-13 2.1% 2.3.x Gingerbread December 6, 2010 9-10 57.5% 2.2 Froyo May 20, 2010 8 14% 2.0, 2.1 Eclair October 26, 2009 7 3.7% 1.6 Donut September 15, 2009 4 0.4% 1.5 Cupcake April 30, 2009 3 0.2%
- 17. • NX bit(No eXecute): – to prevent code execution on heap and stack(2.3+) • Prelink: Used to speed up boot process – removed to prevent return-to-libc attacks(4.0+) • Address Space Layout Randomization(4.0+) – randomize key locations in memory • PIE (Position Independent Executable) – supports (4.1+)
- 18. • FileSystem Encryption – 3.0+ provides full filesystem encryption. 128bit AES key derived from user password • Credential Storage – 1.6+ restricted for only system – 4.0+ provides public API
- 19. • 1st. Protected APK – /data/app: apk without code – /data/app-private: protected by filesystem • 2nd. License Verification Library(LVL) – Google: 2010/7 – Amazon: DRM, T-Store:ARM • 3rd. Encrypted APK – Jelly Bean – Temporary Closed… but
- 21. • ODEX File: optimized dex file dex file Dalvik Virtual odex file Machine Storage (JIT Compiler) (reuse) decompile hijacking • 4.0+ provides a raw dex loading API – Without ODEX!!!
- 22. • Applying SELinux in Android by NSA • Linux Security Modules – Standard Linux Security (Hooking) Framework from v2.6 task management (creation, signaling, waiting), program loading (execve), file system management (superblock, inode, and filehooks), IPC (message queues, shared memory, and semaphore operations), module hooks (insertion and removal), and network hooks (covering sockets, netlink, network devices, and other protocol interfaces) security.h
- 23. • 2012/1 AOSP master branch added(HAVE_SELINUX) – in external/libselinux and external/sepolicy – in core/java and core/jni • SELinux.java, AndroidRuntime.cpp, android_os_SELinux.cpp • Slow and incremental applying expected – not enforcing mode but permissive mode – Android 5.0? • Need to consider it!
- 24. • ARM’s HW solution • Virtualized processors on a ARM chip • Secure World can read Normal World – But Normal World can’t read Secure World • Already on Galaxy S3!!!
- 26. • Use Obfuscator • Use Native Code • Keep data on your server • Sorry, Find your own solutions! – 2011 Google I/O Evading Pirates and Stopping Vampires using License Verification Library, In-App Billing, and App Engine – 2012.4 Code Obfuscation for the Amazon In-App
- 27. • Even Android has many security problems, it is an open, de-facto platform now • It’s getting better but you need to keep your data/code by your own ways • Its openness and flexibility could give some chances to creative developers • T-Store promises to help you soon!