guard your android
Stay Hungry, Stay Foolish!
Stay Alert, Stay Safe!
Om Shanti
Aboutme.apk
A Student and a Learner! Always! :P
Harsh Dattani GDG Baroda
We all know!
● Fastest Growing Mobile Operating System
● 1.5 billion downloads a month and growing
● Millions of Devices running this Operating System
● Easy (Are you sure?) to Develop Applications
● Open Source!
What we Don’t know!
● It’s easy to create malware and target Android.
● Even a seemingly trustworthy app can be malicious.
● It’s not only our data; our friends’ data is also important!
Important Security Terms!
● Assets
● Vulnerabilities
● Attack Vectors
● Threats
● Proactive Measures
● Counter Measures
● Patches
● Malware
Some Famous Android Malware
● Fake Opera Browser
● Fake Angry Birds Space
● DroidDream Malware
● Blackmart
● Cracked APKs
● Battery Savers
● And More...!
Unix Security Policy
1. Process Isolation
2. Hardware Isolation
3. User Permission Model
4. R/W/X Permissions on Files
5. Secure IPC
Application Installation
Android Security Policy
1. Application Isolation
2. Sandbox of Application
3. Secure Communication
4. Signing the Application
5. Permission model of Application
Virtualization
Application Isolation
● Each application has its own GID/UID.
● System apps also have their own GID/UID.
● Based on UNIX Security Model.
Permission Policy (Default)
● No app can Write other app data.
● But can Read data, with due permission
● Connect to network
● Cannot Use Peripherals
● Cannot Use System APIs to Read/Send SMS, Call..
● Cannot Load App on System Start
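An added example, not part of the original slides: a permission audit over a decoded AndroidManifest.xml (the text form Apktool produces) that reports which of the default-denied capabilities above an app requests and which permissions a suspect build asks for beyond the original. The grouping of permission names under each slide bullet and both sample manifests are assumptions constructed for this example.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
P = "android.permission."

# Assumed mapping from the slide's default-deny bullets to Android permission names.
RESTRICTED = {
    "sms": {P + "READ_SMS", P + "SEND_SMS", P + "RECEIVE_SMS"},
    "call": {P + "CALL_PHONE"},
    "boot": {P + "RECEIVE_BOOT_COMPLETED"},
    "peripherals": {P + "CAMERA", P + "RECORD_AUDIO"},
    "network": {P + "INTERNET"},
}

def requested_permissions(manifest_xml):
    """Return the set of permission names declared in a decoded manifest."""
    # Manifests from untrusted APKs are untrusted XML; a hardened parser
    # such as defusedxml is the safer choice outside of a demo.
    root = ET.fromstring(manifest_xml)
    perms = set()
    for el in root.iter():
        if el.tag in ("uses-permission", "uses-permission-sdk-23"):
            name = el.get(ANDROID_NS + "name")
            if name:
                perms.add(name.strip())
    return perms

def audit(manifest_xml):
    """Map each restricted capability to the matching permissions requested."""
    perms = requested_permissions(manifest_xml)
    return {cat: sorted(perms & names)
            for cat, names in RESTRICTED.items() if perms & names}

def added_by_repack(original_xml, suspect_xml):
    """Permissions the suspect build requests that the original does not."""
    return sorted(requested_permissions(suspect_xml)
                  - requested_permissions(original_xml))

# Constructed sample manifests (hypothetical package name).
HEAD = ('<manifest xmlns:android="http://schemas.android.com/apk/res/android" '
        'package="com.example.game">')
USES = '<uses-permission android:name="android.permission.%s"/>'
ORIGINAL = HEAD + USES % "INTERNET" + "<application/></manifest>"
SUSPECT = HEAD + "".join(USES % p for p in (
    "INTERNET", "READ_SMS", "SEND_SMS", "RECEIVE_BOOT_COMPLETED",
)) + "<application/></manifest>"

if __name__ == "__main__":
    print(audit(SUSPECT))
    print(added_by_repack(ORIGINAL, SUSPECT))
```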
Darwin’s Theory!
Dalvik → ART
1.0 → 6.0
Less Secure → More Less Secure
Some Steps!
1. Select popular application.
2. Reverse Engineer it.
   a. Dex2jar
   b. Apktool
   c. Smali/Baksmali and many more..
3. Inject malicious code.
4. Distribute the app. (With new Certificate)
Root?
But it’s not Free!
Dangers of Root!
● Isolation is gone!
● We have unknown code (Custom ROM)
● Permission Exploits
● Privacy! (Major)
Exploitation Frameworks
● AFE
● Santoku
● MSFvenom
● Androguard
● APKTool
● Dex2Jar
Security Checklist?
JQuery?