Dailydave mailing list archives
Re: Android Attacks Slides
From: Bas Alberts <bas.alberts () immunityinc com>
Date: Mon, 2 Apr 2012 15:11:48 -0400
If I recall correctly that's just an overview slide based on terminology used by Google when describing Android's basic security architecture. http://developer.android.com/guide/topics/security/security.html There's really no implied statement made on whether or not that permission model is actually effective. It's just a term that was adopted from the Google documentation and the talk itself did not really focus on the permission model. The discussion about how fine grained or effective Android's permission model is becomes fairly moot in general when you consider effective attacks on the kernel or otherwise privileged attack surfaces exposed to any native Android app (as demonstrated in the talk). As a sidenote, we presented this in January 2011, whereas the papers you're referring to were published late 2011. It seems that Academia hadn't layed down the yellow brick road to englightenment for us yet, but if we ever do an Android talk again we'll be sure to put "finer" in quotes. Cheers, Bas On Fri, Mar 30, 2012 at 05:50:23PM -0400, Jeffrey Walton wrote:
Hi Guys, Android Attacks (Bas Alberts/Massimiliano Oldani), http://www.immunityinc.com/infiltrate/2011/presentations/Android_Attacks.pdf. Perhaps I'm reading Slide 15 wrong: Fine grained Permission/Capability model ● Per installed Application (Manifest) ● Per URI (Intent permission flags) I believe Android lacks Fine Grained permissions: Felt, Adrienne Porte; Chin, Erika; Hanna, Steve; Song, Dawn; Wagner, David. "Android Permissions Demystified," http://www.cs.berkeley.edu/~afelt/android_permissions.pdf. Jeon, Jinseong; Micinski, Kristopher K.; Vaughan, Jeffrey A.; Reddy, Nikhilesh; Zhu, Yixin; Foster, Jeffrey S.; Millstein, Todd." Dr. Android and Mr. Hide: Fine-grained security policies on unmodified Android," http://www.cs.umd.edu/~jfoster/papers/acplib.pdf. In fact, the permissions are so coarse grained and borked that Google was giving everone READ_PHONE_STATE whether they wanted it or not (the practice has been changed). And READ_PHONE_STATE includes call status, incoming number, identity iformation such as IMSI, etc. See "Android permissions: Phone Calls: read phone state and identity," http://stackoverflow.com/questions/1747178/android-permissions-phone-calls-read-phone-state-and-identity. Jeff _______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- Android Attacks Slides Jeffrey Walton (Apr 02)
- Re: Android Attacks Slides Bas Alberts (Apr 03)
- Re: Android Attacks Slides Tim (Apr 03)
- Re: Android Attacks Slides James Manico (Apr 03)
- Re: Android Attacks Slides Jeffrey Walton (Apr 05)
- Re: Android Attacks Slides Dean Pierce (Apr 05)
- Re: Android Attacks Slides James Manico (Apr 03)
- Re: Android Attacks Slides r3dRAND (Apr 05)
- Re: Android Attacks Slides Moxie Marlinspike (Apr 05)