How does Android security differ from iOS security?
Android was conceptualised with open development model and hence Initial focus was more on keeping it open rather then keeping it secure. Google has in past few years done an amazing job at tightening the security of an out of the box Android system. Where as when iOS is considered we have to understand that they spend considerable time in scrutinising the software that are made available via App Store although that doesn't guarantees protection against security issues. at this point android 5.0 is still not exploited where as iOS 8.1 series was exploited within 10-15 days of launch as they didn't fixed a already known security issue properly.
Tell me about Android Tamer and your previous work with Android
I started working on android around 2010 when india was catching up on android and the whole smartphone race. I started out with running custom rom's modifying them as per my need and that's when i started looking at various security aspects of android. I did research on various custom roms available online and various security issues associated with them. The research was presented as a whitepaper during c0c0n 2011 security conference in Kerala.
This lead to creation of Android Tamer which is a Linux based customised operating system pre packaged and optimised for android related work. If someone is starting in android field and they need a basic setup they can quickly download android tamer from https://androidtamer.com and get started by booting it in Virtualbox or VMWare software. We have curated and configured best android specific tools for android professions. So you could be an android programmer or a android security researcher or malware analyst or forensic investigator you will find tools for your specific use case preconfigured in it.
What is your opinion of CyanogenMod from a security perspective?
Cyanogenmod is a aftermarket firmware which basically takes AOSP (the open source version of android) and customise it to add new features. Cyanogenmod does offer some advance features like privacy guard which are very useful if you do not want to expose your personal information to all your applications.
Overall Cyanogenmod could be a good fit from security perspective however the effort required to get it up and running on a device varies with each devices and manufacturer.
How easy is it to backdoor Android?
In past 2-3 years security has grown leaps and bounds in android core. As of now core system is not the one being backdoored actively, it is generally the custom OEM components which are used to get backdoors running on the machines. Here off course one exception is physical access. if you give your unlocked phone to an unknown person it is just a matter of connecting a usb cable to your phone and changing some settings to get it backdoored. However thing to be kept in mind this kind of backdoor is always possible with any computing system. Physical access is considered Gameover for all.
What can be done to truly harden the Android operating system to prevent exploitation?
This is where we need to start with a renewed mindset. With Android its not just the phone manufacturer who needs to keep hardening in mind its every user itself. That's how android was conceptualised and is one of the core reason for it being so open, and so customisable. It is assumed that user will make informed decision about installing a software. So If you see that a alarm clock wants to access your contacts or have access to camera it is time to relook if you want to use it. Or worse if your ringtone editor wants access to send SMS you need to be cautious. Google is streamling how permissions are displayed but User is the ultimate authority and hence its upto the user to make final call.
Besides application stealing data another general incident is that the phone is lost. With newer versions of android it is possible to encrypt the phone. It is recommended to encrypt the phone if you have sensitive information on your phone (sensitive information could be your love letters, personal pics, to official documents or conversations). It is also recommended to keep a screen lock which is not simple password like 1234 or 4321. Manyapplications trick users by forcing them to change specific security settings such as allowing unknown source applications installation. Do not change system settings just because an application is asking you to do it.
0 Comments