Security of Mobile Devices


28 Oct 2013


Lon Kastenson



Agenda

Overview
Types of attacks
Security in Android
Security in iOS
Security in other mobile platforms
Current protocols and solutions
Security in the future
Questions


Overview: History

June 2004: Cabir
The Evolution after Cabir
2006: 31 Families, 170 Variants
Cabir, Comwar, Skuller.gen
In Symbian Alone!
Windows Mobile 2003 and PocketPC
Comwar


Overview: History

2007 Jailbreaking iPhones and iPods reveals critical flaw in iOS
2008, exploits found in both Android and iOS
2009: Blackberry Hacked
2010, 5% of apps contain malicious code
2011, The Apple user tracking debate
2011, confirmed attack on Android Market


Overview: Present

1.6 billion smartphone sales worldwide (as of 2010)

Percent of Worldwide Smartphone Sales
Symbian: 38%
Android: 23%
RIM (Blackberry): 16%
iOS: 16%
Microsoft: 4%
Other: 4%
Source: http://www.gartner.com/it/page.jsp?id=1543014


Overview: Present

Both Android and iOS have known security risks.
IBM X-Force predicts the number of attacks this year will double since last year.
Popular attacks remain Trojan Horses and Social Engineering hacks.


Types of Attacks

Trojan Horse (Most popular, evident in Android Market Attack)
Worm
Virus
Socially Engineered
Man in the middle attacks
Privacy Issues? (Application Terms of Service Agreement)

March 2011 Attack on Android Market

Source: http://www.androidpolice.com/2011/03/01/the-mother-of-all-android-malware-has-arrived-stolen-apps-released-to-the-market-that-root-your-phone-steal-your-data-and-open-backdoor/


Propagation Methods

Direct Install (Trojan)
Bluetooth
MMS message
Memory card
File Injection
Other methods?


Privacy Issues

iOS tracking users?
Privacy Policy for smartphone apps
Apps having too much access?
http://blogs.wsj.com/wtk-mobile/


Android Security

Hardware level
Kernel level
Linux kernel
“ROMs”
Android Security Program


Hardware Level Security

NX bit
NFC for wallet transactions
Hardware DRM (locked bootloader)
Off system encryption key


Kernel Level Security

Hardware Drivers located in the kernel
Explicit permission needed
Only kernel level applications have root access
Secure Inter-process Communication
Dalvik Virtual Machine


Dalvik Virtual Machine

“Application Sandbox”
Protection for rooted users?
Source: http://source.android.com/tech/security/


Operating System Security

System Partition and Safe Mode
Filesystem Permissions
Filesystem Encryption


Android Security Program

Design Review
Penetration Testing and Code Review
Open Source and Community Review
Incident Response
OTA updates
What happened with the March 2011 attack?


Android Security Issues

Rooted Devices
Android Market
Pipes
JNI
Permissions Prompt

Next

I accept

Continue?

Really Continue?


iOS Security

Closed Source
Market App Approval
Security Architecture
Security APIs
Authentication
Encryption
Permissions


iStore Market Approval System

Only Apple Developer Program approved developers are allowed to put applications on the market.
Strict guidelines for application approval
Must adhere to style guides


Security Architecture

Security Server Daemon
Security APIs
Core OS based encryption


Security APIs

Keychain
CFNetwork
Certificate, Key and Trust Services
Randomization Services
Objective-C API


Other Security Services

Filesystem Permissions
Filesystem Encryption
Address Space Layout Randomization
Data Execution Prevention


iOS Security Issues

Weak “sandbox”
Vulnerable applications a threat
Closed source approach
Jailbroken devices


Symbian Security

Capability Model
Process Identity
Data Caging
Certification


Capability Model

Each binary is a capability
User Capabilities
System Capabilities
How it all works


How Capability Works

“Copies” of DLLs are made and the kernel will check for any forged function calls.
Source: http://www.developer.nokia.com/Community/Wiki/File:Capability_subversion.PNG


Process Identity

SecureID
VendorID


Data Caging

Applications are restricted in what data they can access
File server controls access, capability.
Sharing data privately
Databases and data caging


Certification and Platform Security

Certification Assignment
Untrusted Applications
Trusted Applications
Self-signing Applications


Symbian Security Issues

Been around longest, more malware out there.
Currently supported, but no longer a priority for development at Nokia.
Capability model has shown weakness in the past.


Windows Phone Security

Unique certification for Windows Phone Marketplace
Mandatory Code Signing
.NET managed Code
Isolated storage “sandbox”
SSL root certificates
Data Encryption


Possible Solutions

Hardening
On a hardware level
On a software level
Attack Surface Reduction
Internet (Cloud) based protection
Telecom based protection
Privacy Argument, how much security is too much?


In the Future

Speculation by Dr. Charlie Miller
Speculation of IBM X-Force
Gostev’s “Laws of Computer Virus Evolution”


References

Gostev, Alexander. (2006 September). Retrieved October 2011, from Securelist.
Mobile Malware Evolution: An Overview Part 1
http://www.securelist.com/en/analysis?pubid=200119916

Gartner. (n.d.). Retrieved October 2011, from Gartner.
Gartner Says Sales of Mobile Devices in Second Quarter of 2011 Grew 16.5 Percent Year-on-Year; Smartphones grew 74 Percent
http://www.gartner.com/it/page.jsp?id=1764714

Google. (n.d.). Android Open Source Project. Retrieved Sept 2011, from Android Open Source.
Android Security Overview
http://source.android.com/tech/security/index.html

Apple. (n.d.). Mac OS X Developer Library. Retrieved Sept 2011, from Apple Developer.
Security Overview
http://developer.apple.com/library/mac/#documentation/Security/Conceptual/Security_Overview/Introduction/Introduction.html

Nokia. (n.d.). Symbian C++ Books. Retrieved October 2011, from Nokia Developer.
Fundamentals of Symbian C++/Platform Security
http://www.developer.nokia.com/Community/Wiki/Fundamentals_of_Symbian_C%2B%2B/Platform_Security

Microsoft. (n.d.). MSDN. Retrieved October 2011, from MSDN.
Security for Windows Phone
http://msdn.microsoft.com/en-us/library/ff402533.aspx

IBM. (n.d.). IBM Security Solutions. Retrieved September 2011, from IBM.
IBM X-Force 2011 Mid-Year Trend and Risk Report
http://public.dhe.ibm.com/common/ssi/ecm/en/wge03015usen/WGE03015USEN.PDF

PCWorld. Bradley, Tony. Retrieved September 2011, from PCWorld.
Adobe Flash Zero Day Puts Android Smartphones at Risk.
http://www.pcworld.com/businesscenter/article/205411/adobe_flash_zero_day_puts_android_smartphones_at_risk.html

Montoro, Massimiliano. Retrieved October 2011 from oxid.it.
About Cain
http://www.oxid.it/cain.html

(n.d.). Retrieved October 2011 from CyanogenMod Wiki.
What is CyanogenMod?
http://wiki.cyanogenmod.com/index.php?title=What_is_CyanogenMod

Apple. (n.d.). Retrieved October 2011 from Apple Developer.
Guidelines for Appstore Submissions
http://developer.apple.com/appstore/resources/approval/guidelines.html

Accuvant. Farnum, Michael. Retrieved October 2011 from Accuvant.
Dr. Charlie Miller Compares the Security of iOS and Android
http://www.accuvant.com/blog/2011/10/20/dr-charlie-miller-compares-security-ios-and-android

Viega, LeBlanc, Howard. 19 Deadly Sins of Software Security. Emeryville, CA: McGraw-Hill/Osborne. 2005. Print.

Whitaker, Evans, and Voth. Chained Exploits. Boston, MA: Addison-Wesley. 2009. Print.

Questions?

Are you sure you want to answer questions?