secure your android app- fight the leaks!
Post on 19-Oct-2014
198 views
DESCRIPTION
You can consult the speaker's notes on the Google Drive presentation: http://bit.ly/droidcon-sec On the corporate environment, data is often more sensitive and strategic than the equipment. During this talk we will explore together the security issues that can occasionally cause leaks on an Android app and how to prevent them.TRANSCRIPT
![Page 1: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/1.jpg)
SECURE YOUR APP
FIGHT THE LEAKS!
DROIDCON PARIS 2013
![Page 2: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/2.jpg)
EYAL LEZMY
Slides http://bit.ly/droidcon-sec
http://eyal.fr
ANDROID PRESALES ENGINEER, SAMSUNG B2B
TREASURER AT PARIS ANDROID USER GROUP
ANDROID GOOGLE DEVELOPER EXPERT
![Page 3: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/3.jpg)
DON'T LET HIM DOWN
THE USER TRUSTS YOUCompany
![Page 4: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/4.jpg)
Copyright © 1995-2012 SAMSUNG All rights reserved
APPS HAVE TO RESPECT THE DATA
Different ways to unintentionally grant other apps access to the data inside your application :
Exporting an unprotected component
Storing personal data in a world readable file
Logging personal data in logcat logs
![Page 5: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/5.jpg)
Copyright © 1995-2012 SAMSUNG All rights reserved
It declares accessible app components Activity, Service, Receive,...
Adding <intent-filter>=> your element is exported by default
CHECK YOUR ANDROIDMANIFEST.XML
ContentProvider is always exported by default, until android:targetSdkVersion="17"
![Page 6: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/6.jpg)
Copyright © 1995-2012 SAMSUNG All rights reserved
Don't export app components unless you want to share their content with other applications
<application android:label="@string/app_name">… <service android:name=".ServiceExample“ android:exported="false"> <intent-filter>
… </intent-filter>
</service>…</application>
CHECK YOUR ANDROIDMANIFEST.XML
![Page 7: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/7.jpg)
Copyright © 1995-2012 SAMSUNG All rights reserved
Don't export app components unless you want to share their content with other applications
<application android:label="@string/app_name">… <service android:name=".ServiceExample“ android:exported="false"> <intent-filter>
… </intent-filter>
</service>…</application>
What is your legitimity to
expose data?
CHECK YOUR ANDROIDMANIFEST.XML
![Page 8: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/8.jpg)
Copyright © 1995-2012 SAMSUNG All rights reserved
There are different permission protection levels:
normal Lower risk permission
dangerous Higher risk, access to user private data, potential negative impact
signature Needs the same certificate signature
PERMISIONS
![Page 9: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/9.jpg)
Copyright © 1995-2012 SAMSUNG All rights reserved
Lets look at the code:
<permission android:name="com.example.EXAMPLE_PERM“ android:label="@string/example_perm_l“ android:description="@string/example_perm_d“ android:icon="@drawable/example_perm_i“ android:protectionLevel="signature" />...<service android:name=".ServiceExample“ android:permission="com.example.EXAMPLE_PERM">
<intent-filter>...</intent-filter>
</service>
PERMISIONS
![Page 10: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/10.jpg)
Copyright © 1995-2012 SAMSUNG All rights reserved
Don't be the weakest link
private boolean checkPermission(Context context){ String permission = "com.example.EXAMPLE_PERM"; int res = context.checkCallingPermission(permission); return (res == PackageManager.PERMISSION_GRANTED);}
PERMISIONS
Always check the permission of a caller if you use your permission
![Page 11: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/11.jpg)
Copyright © 1995-2012 SAMSUNG All rights reserved
DISABLE USELESS ACTIVITIES
Fit your components lifecycle to your application's lifecycle
If before configuration (login, account creation, ...) a service or activity is not useful, disable it
If your application handles common implicit Intent's actions like ACTION_VIEW or ACTION_SEND consider disabling it by default
![Page 12: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/12.jpg)
Copyright © 1995-2012 SAMSUNG All rights reserved
PackageManager.setComponentEnabledSetting(componentName, newState, flags);
DISABLE USELESS ACTIVITIES
<activity android:name="com.example.Activity" android:label="@string/app_name" android:enabled="false"></activity>
Disabled:
Enabled:
![Page 13: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/13.jpg)
Copyright © 1995-2012 SAMSUNG All rights reserved
STORING DATA WISELY
Protect personal data using MODE_PRIVATE for data files, shared preferences, and databases:
openFileOutput()openSharedPreferences() openOrCreateDatabase()
External storage (sdcard) is shared storage
![Page 14: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/14.jpg)
Copyright © 1995-2012 SAMSUNG All rights reserved
PLEASE... SHUT THE FUCK UP!
public static final boolean SHOW_LOG = BuildConfig.DEBUG;
public static void d(final String tag, final String msg) { if (SHOW_LOG) Log.d(tag, msg);}
Don't expose data through logcat on productionDetect the build mode with BuildConfig.DEBUG
Be careful about this subject and test it during QA
![Page 15: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/15.jpg)
Copyright © 1995-2012 SAMSUNG All rights reserved
PROTECTING APP FROM USERS
No more android:debuggable on the manifest
Don't leave this enabled in release code!
ADT 8.0+ do it for you automatically
![Page 16: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/16.jpg)
Copyright © 1995-2012 SAMSUNG All rights reserved
$ adb shellshell@android:/ $ run-as com.android.example sh
shell@android:/data/data/com.android.example $ iduid=10060(app_60) gid=10060(app_60)
shell@android:/data/data/com.android.example $ ls files/secret_data.txt
shell@android:/data/data/com.android.example $ cat files/secret_data.txt
PROTECTING APP FROM USERS
![Page 17: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/17.jpg)
IT'S NOT JUST ABOUT YOUR APP
INSECURE NETWORK
LOST OR STOLEN DEVICES
![Page 18: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/18.jpg)
Copyright © 1995-2012 SAMSUNG All rights reserved
Free certified SSL: https://www.startssl.com/
USE SAFE NETWORKING
HTTPS and SSL can protect against Man in the Middle attacks and prevent casual snooping
Server certificate validity must be correctly checked"15% of apps have weak or bad SSL implementation on the Play Store"
![Page 19: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/19.jpg)
Copyright © 1995-2012 SAMSUNG All rights reserved
...but it may help discouraging curious.
Use a peer-reviewed library like KeyCzar
Take care of the key :Create it at first start, with true randomOr grab a user key from your serverOr ask the user for a passphrase you won't store
DATA ENCRYPTION DOESN'T SOLVE ALL PROBLEMS
![Page 20: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/20.jpg)
Copyright © 1995-2012 SAMSUNG All rights reserved
On a corporate environment, device administration can be considered
Password managementDevice encryptionDisable cameraLock the deviceRemote wipe
DEVICE ADMINISTRATION
![Page 21: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/21.jpg)
Copyright © 1995-2012 SAMSUNG All rights reserved
BEHIND THE STAGE
The APK's content is always world readable, take care about what you put inside
Sensitive files should be kept out of the APK
Java is open source, your code tooUsing Proguard takes a single line of codeOr...Dex encryptionAAPT modified Logic on server
![Page 22: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/22.jpg)
IT'S NOT JUST ABOUT SECURITY
THINK ABOUT POLITICS...
![Page 23: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/23.jpg)
Copyright © 1995-2012 SAMSUNG All rights reserved
THE SECURITY PARADOX
![Page 24: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/24.jpg)
Copyright © 1995-2012 SAMSUNG All rights reserved
"The more secure you make something, the less secure it becomes"
Level the security following the user acceptance or...Users will find workaroundsUsers won't use your service
NEVER FORGET THE USER, NEVAAAAA!
![Page 25: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/25.jpg)
Copyright © 1995-2012 SAMSUNG All rights reserved
REFERENCES
Google I/O 2012 Sessions
Android Developpers Live Youtube channel
Android DevelopementAndroid Developement: Using Cryptography
The Commons Blog
InformationWeek: Security Paradox
ThreatPost: SLL implementation on Android apps
StartSSL Free certificates
![Page 26: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/26.jpg)
SAMSUNG SMART APP CHALLENGE 2013
SAMSUNG SMART APP CHALLENGE 2013
A Global app challenge Apps for the Galaxy S4 Use of Samsung Chord SDK Apply June 20 - August 31
www.smartappchallenge.com
$800,000 for 10 winners
![Page 27: Secure your Android app- fight the leaks!](https://reader033.vdocuments.mx/reader033/viewer/2022051816/5444be94afaf9fa8098b4a36/html5/thumbnails/27.jpg)
SAMSUNG DEVELOPERS
SDKs and Documentation
http://developer.samsung.com
Samsung Chord SDKBluetooth Low Energy SDK
Remote Test LabTest your applications on real devices through the internet
Free24H 365 Days
S Pen & Multi Window SDK AllShare Framework
Real Device,NOT emulator
Multiple Devices