Dailydave mailing list archives

Re: Android Attacks Slides


From: Bas Alberts <bas.alberts () immunityinc com>
Date: Mon, 2 Apr 2012 15:11:48 -0400

If I recall correctly that's just an overview slide based on terminology
used by Google when describing Android's basic security architecture.

http://developer.android.com/guide/topics/security/security.html

There's really no implied statement made on whether or not that permission 
model is actually effective. It's just a term that was adopted from the 
Google documentation and the talk itself did not really focus on
the permission model.

The discussion about how fine grained or effective Android's permission
model is becomes fairly moot in general when you consider effective
attacks on the kernel or otherwise privileged attack surfaces exposed 
to any native Android app (as demonstrated in the talk).

As a side note, we presented this in January 2011, whereas the papers you're 
referring to were published late 2011. It seems that Academia hadn't 
laid down the yellow brick road to enlightenment for us yet, but if we
ever do an Android talk again we'll be sure to put "finer" in quotes.

Cheers,
Bas

On Fri, Mar 30, 2012 at 05:50:23PM -0400, Jeffrey Walton wrote:
Hi Guys,

Android Attacks (Bas Alberts/Massimiliano Oldani),
http://www.immunityinc.com/infiltrate/2011/presentations/Android_Attacks.pdf.

Perhaps I'm reading Slide 15 wrong:

    Fine grained Permission/Capability model
        ● Per installed Application (Manifest)
        ● Per URI (Intent permission flags)

I believe Android lacks Fine Grained permissions:

Felt, Adrienne Porter; Chin, Erika; Hanna, Steve; Song, Dawn; Wagner,
David. "Android Permissions Demystified,"
http://www.cs.berkeley.edu/~afelt/android_permissions.pdf.
Jeon, Jinseong; Micinski, Kristopher K.; Vaughan, Jeffrey A.; Reddy,
Nikhilesh; Zhu, Yixin; Foster, Jeffrey S.; Millstein, Todd. "Dr.
Android and Mr. Hide: Fine-grained security policies on unmodified
Android," http://www.cs.umd.edu/~jfoster/papers/acplib.pdf.

In fact, the permissions are so coarse grained and borked that Google
was giving everyone READ_PHONE_STATE whether they wanted it or not (the
practice has been changed). And READ_PHONE_STATE includes call
status, incoming number, identity information such as IMSI, etc. See
"Android permissions: Phone Calls: read phone state and identity,"
http://stackoverflow.com/questions/1747178/android-permissions-phone-calls-read-phone-state-and-identity.

Jeff
_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave
