The Android platform is responsible for securing the Linux kernel. So it's Google's responsibility to make sure that the Linux kernel is secure, that there are not bugs, that there are not security risks inherent in the kernel.

The platform also secures user data by securing the inter-process communication. It prevents, or is supposed to prevent, applications from talking to one another, and applications from accessing the kernel or making changes to the kernel. Now, as we'll see, that doesn't always work.

Protecting system resources: removing unnecessary and/or vulnerable sections of the kernel. Again, Google identifies a portion of the code that is a security risk; it's their job to fix it. They own the source code, even though it's open source. They're the primary people responsible for the source code.
Access to storage media: the platform says where you can write. Can I write to this area? Can I write to the media card? The kernel, the platform, makes that decision. And transmission of network data: can this app transmit over the network? Can it do this? Can it do that? That gets into the permission model.

When I download an app on an Android phone, the app has to say, I need permissions X, Y and Z, and I as the user have to say, do I want to give the app those permissions or not? If I don't give those permissions, the app won't install. So I have a binary decision: do I install it with these permissions, or do I not install it because I don't like the permissions it has? There's no middle ground. I can't say, well, it can access these things, but I really don't want it to access that. I don't have that choice as a user. It's all or none from my perspective.
Application runtime: app sandboxing limits access to the Linux kernel. It's mandatory for all apps, native and third party. It's also supposed to limit apps interacting with each other. I have Angry Birds and I have my Gmail client. Angry Birds should not be able to look at the data. They're in two separate memory spaces, and it leverages the Linux user-based isolation of resources in order to do this sandboxing. It's using Linux, which is a fairly secure platform and has a lot of nice security features built in. It's leveraging those security features in order to help isolate them. They use different parts of RAM; they're not sharing RAM space. They're using different parts of I/O. There's not going to be any communication between them.
The system partition is set to read-only. Apps should not be able to make changes to the system partition; you don't want apps making changes to the system partition. This is equivalent to saying that about the System32 folder: System32 in the default build, those files shouldn't be changed unless they really have to be. And as Windows has progressed, Microsoft has limited more and more what apps can make changes to the System32 folder. Before, sort of willy-nilly, anybody could do it. Now apps, or I should say programs, and Microsoft's own have to have explicit user permission to actually write there. So they're changing the security model on the desktop side to try to prevent unauthorized use on the computer side. Well, as they do that, the mobile OS manufacturers and developers do the same thing on this side. They want to prevent the system kernel from changing. The first step, the easiest step: let's make it read-only by default. There are no write permissions on the system kernel or the system partition.

The system partition contains the kernel, the operating system libraries, the default applications (so the applications that are installed by default by the phone manufacturer or by Google), the application runtimes, and the application framework. So how do the applications actually work? What are the libraries for the applications? What's the underlying kernel for the phone? All of those items are supposed to be read-only.

And there should also be safe mode access, so that safe mode allows the device to boot even if something goes wrong with the phone. So I install some app, and for whatever reason the phone now won't boot. On most Android phones there's a way to force it into safe mode, and it's exactly like Windows safe mode. Those of you that have used Windows for a long time know that when you boot, if there's been a system error, you're usually given the option to load into the system or into safe mode. When you load into safe mode, you only have access to certain functionality, the baseline functionality. So with safe mode access, if I have an application that crashed my system, for whatever reason, and every time the phone boots that application crashes the phone, I can boot into safe mode instead and have the ability to remove that application and then reboot into normal mode. And that should fix the crashing problems. That's why safe mode is there.
Android's secure default core applications: Google WebKit browser, Google Calendar, Gmail, Google Maps, Google SMS messenger and Google email. Now, these are the default apps that Google has defined in the operating system. However, depending on the definition document, manufacturers are allowed to switch out some of these apps for custom apps that provide the same functionality. So if I'm a manufacturer, I don't necessarily have to install Gmail. I can install my own email client as long as it has the same functionality that Gmail does. I don't have to install Google's calendar. I can install a different calendar as long as it meets the requirements of the definition document.

This is one of the greatest strengths and one of the greatest weaknesses of Android devices. Unlike with Apple iPhones, where Apple makes the determination of exactly which apps come by default, and every single phone comes with the same default apps, Google leaves some of this up to the manufacturer. So I, as a user, if I don't do my research, might not know that the HTC phone I bought isn't using the secure default core applications. It's not using Gmail, or it's not using Google Calendar; it's using something HTC put on the phone instead. And how do I know that the applications HTC just loaded have the same security, or secure code, as the applications that Google is looking at? Or if a bug is found, how long is it going to take HTC to update their applications compared to how long it will take Google to update their applications?

So it's great that it's customizable. It's great that the manufacturers can make customization choices for the phones they're creating, but there's a risk inherent in that. Without using the default apps, you're now left up to the phone manufacturer to be doing the update process, doing the patching process, making sure that these programs don't have bugs in them. It's no longer Google's responsibility to make sure that the HTC email client doesn't have a bug in it. It's HTC's requirement to make sure that their email client doesn't have a bug in it.
So, file system permissions. Again, when I download an app and install it, I get a list of what permissions the app requires: I require X, Y and Z in order to actually operate. Do you, as the user, agree to this? You only have to agree when you first install it, or if the permissions change on an update. When you first install it, it needs these permissions. A couple of updates come out, and eventually with this update it needs an additional permission. You as the user then have to say, yes, I accept the new permissions. But the whole time, the rest of the time this program's running, you don't see what permissions it has. You don't see what resources it's using. Once you've approved it, it's approved. It's good to go, and that includes any code that comes with it.

So again, I have a free app, but it has ads in it, and that's how they're actually making their money. The ads have the exact same permissions as the app itself, and usually the ads aren't provided by the developer of, let's say, the game Angry Birds. The developer probably isn't making the ads. It's add-on code that they got from some other company. Well, that add-on code is running with the same permissions that Angry Birds is running with. And if they didn't do validation that it doesn't have any security flaws, you might be opening yourself up to other attacks without even realizing it. And the Angry Birds developers don't realize it either. They didn't realize that there was a security vulnerability with whichever ad company they're using, and by the inherent permissions of Angry Birds, you've opened your phone up, through the Angry Birds application, to do something bad. Now, I'm not saying Angry Birds is compromised in any way. It's just an app that everybody knows about.
Each app runs as its own user. This is one of the ways they sandbox: by having a unique user for each app. Apps shouldn't be able to work with each other, because you have to have the right user permissions to run or to change another application. Data cannot be shared or changed by other apps. However, and there's a big however, authors of third-party apps can circumvent it. There are ways around it. Google releases the code; they make it as secure as possible. But there are always going to be either bugs or gotchas with the code. Third-party app developers have found ways to circumvent the non-sharing or changing by other apps. How long is that going to remain? I don't know. Is there a reason it's not closed? Probably. But you'd have to ask Google why they allow it.
Android 3.0 or later offers full file system encryption. So with Android 3, which was only released for tablets, and Android 4, which is now on tablets and... I can fully encrypt my disk. It takes about an hour, which isn't bad. You have to have a full battery, 100% battery, and it has to be plugged in, and I can encrypt. It takes about an hour. The recommendation is that it should be one of the first things you do on a new device. Again, if somebody gets physical access to it, there are really two things that prevent them from getting the information from your device easily, relatively easily: having a password on the device and having the information on the back end encrypted. In order to set encryption, you must have a password, and that password cannot be a swipe password. So it has to be an alphanumeric password.

It does not encrypt removable media by default. From what I've seen, there's not even an option on most devices to encrypt the removable media. When we talk about BlackBerry, we'll see that on BlackBerry devices you do have the option to encrypt removable media cards. Most Android devices don't have that capability, and most Android devices do have removable media. So if you're storing sensitive information on your tablet, your encrypted tablet, and you're not password protecting or encrypting the documents themselves, you should really consider installing them, or having them stored, on the internal memory if you can, rather than on the memory card. Because if I take the memory card and put it into a forensic tool such as Guidance Software's EnCase or AccessData's FTK, it would be able to read that information if it's not encrypted. Not a problem whatsoever to read that information. Most media cards are formatted FAT32, so it's very easy to pull the information off that media card without encryption.
Passwords: user configured, not mandatory, not set by default. Android devices by default have the swipe, either the swipe to unlock or move the little guys down. Those provide absolutely no security whatsoever. So at a minimum a swipe pattern should be chosen. If any sort of sensitive information is used on that phone, though, it's recommended you use an alphanumeric password.

Forensic tools at this point: Cellebrite's UFED is one of the preeminent forensic tools on the market. On about half of the Android phones that are available, that swipe pattern can be broken. It can go into the physical memory, find out where the swipe pattern is stored, and get the swipe pattern out of memory. It can't do the same thing with complex passwords. So just be aware of this with forensic tools.

Is it stored in different places, in different ways?

Yes, it's stored differently, and it also depends on the manufacturer of the device and how the manufacturer stores it. So it's not necessarily an issue with the operating system itself, because Cellebrite's updates over the last couple of months have focused on particular device manufacturers. I haven't seen a single HTC phone where the swipe pattern is breakable yet. But I've seen other manufacturers where the swipe pattern is breakable. So then the question becomes: is it the way the phone hardware is working itself that's allowing them to get to it? Or is it something with the operating system? Well, since the HTC ones don't have the swipe pattern breaking yet, I'm guessing it's the way the other device manufacturers have encrypted or stored the encryption, or there's some weakness somewhere. I can tell you with the iPhone, the encryption chip on the iPhone 3GS and the iPhone 4, there's a flaw where it allows you to brute force it. I can't tell you exactly what Cellebrite is targeting for the Android ones, because they haven't... They don't want their competitors to know how they're breaking it. So they haven't released specifics on what exactly they're doing to get the information. I can tell you that they have the ability to do so. So I don't know if I answered your question or sort of bypassed it, but it's known by Cellebrite, and they're not going to tell me how exactly they're doing it.
Passwords help prevent unauthorized access. It's the first layer of security. When we talk about cell phones, we talk about multiple layers of security; we want to make it as difficult as possible for someone to get access to the phone. Once you've set a password, you can then set file system encryption. Whenever I buy an Android device, and I've bought three so far, the first thing I do when I get back from the store, after providing it with my Gmail account, which is the first thing you have to do, is set a password before I do anything else. The next thing I do, if it has a full charge, is turn encryption on. If it doesn't, I plug it in until it has a full charge, and then I turn encryption on. So the user data is not encrypted by default. When we talk about Apple, their user partition is encrypted by default. It's up to the operating system whether it's encrypted by default. Apple does; Android does not.

Pattern lock is just a user-definable graphical password. It does not allow for encryption, and basically what you do is you draw a pattern. You can only do each dot once; you can't go through a dot twice, so you have nine points of security, except you can't encrypt at that point. And the screens are very good at keeping fingerprints. So if you're not wiping your phone off constantly and you've just unlocked it, somebody will very easily be able to see which password you just input on your device. So just be careful about that.

Well, you can set a PIN or even set an alphanumeric password. I would not set a PIN. Yes, again, a four-digit password, nice and easy. But if you just set a PIN, there's a chance that it could be easily brute forced. There are only 10,000 possibilities when we talk about a PIN, 0000 to 9999. It's only a four-digit PIN. If there's any sort of weakness, such as the earlier iPhones, it can break the password, no problem whatsoever. So to get to the security options: Settings, Security, then go to Screen Lock, and within those menus you have the options for both pattern lock and/or password.
Security validation: certified. So this is the certified government... Oh, it's co-created by the NSA. So they worked with Google and they were able to create this custom kernel to allow their employees to use Android devices.

The base-level OS security: open source operating system, subject to high scrutiny. Anybody and their mother can get access to the source code. Anybody can look at it. Now, not anybody is probably going to understand it, but if you have any sort of Linux programming background, you can probably understand exactly what the code is doing.

The core operating system is isolated. Again, we keep the core system separate from the applications. The kernel partition is also set to read-only, so apps should not be able to write to the kernel partition.

Authentication: token based. Two-factor authentication, so you can get additional security on your phone to require two-factor authentication. But that's not by default.

Data protection: full file system encryption is possible. It only encrypts the user partition; it does not encrypt the system partition. But anybody can see the system partition anyway, because everybody has access to the source code, so your user data isn't stored there. So for your purposes, my purposes, we want to protect the user side of the house. Encrypt all that on the device, excluding the system kernel. And it encrypts, or can encrypt, external storage if the device manufacturer enabled it. Some do, most don't. So normally the removable media card is not encryptable.

Application security: all applications require code signing. Google has told the developers you must sign the code with the certificate that we provide you when you become an app developer, and if you try to run code, or rather run an application, that's not signed, more than likely your Android device is going to either fail on the install or the application will crash while it's trying to run. And it uses the kernel-level application sandbox. So again, the applications are away from the system kernel and the applications are in their own memory space, so they should not be able to talk with one another.
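As an added example, not part of the lecture and not Google's or any vendor's code, here is a short Python audit that checks three of the properties described above against text in the shape of `adb shell mount`, `adb shell ps` and `adb shell getprop ro.crypto.state` output: that /system is mounted read-only, that each app package runs as its own u0_aNN Linux user rather than sharing a sandbox with another package, and whether the user data partition reports itself as encrypted. The sample output embedded below is constructed for the example; the `ro.crypto.state` property name and the old toolbox `ps` column layout (USER first, NAME last) are assumptions about the device, and the package names are placeholders.

```python
"""Offline audit of three Android platform properties described in the lecture:
the /system partition mounted read-only, a distinct Linux user (UID) per app,
and whether the user data partition is encrypted. Inputs are text in the shape
of `adb shell mount`, `adb shell ps` and `adb shell getprop ro.crypto.state`
output; the samples below are constructed and not captured from a real device."""
import re

# Constructed sample: /system mounted read-only, /data read-write.
SAMPLE_MOUNT = """\
/dev/block/platform/msm_sdcc.1/by-name/system /system ext4 ro,relatime,data=ordered 0 0
/dev/block/platform/msm_sdcc.1/by-name/userdata /data ext4 rw,nosuid,nodev,relatime 0 0
/dev/fuse /storage/emulated/0 fuse rw,nosuid,nodev,noexec,relatime 0 0
"""

# Constructed sample in the old toolbox `ps` layout (USER ... NAME). App users
# are named u0_aNN; a ":remote" suffix marks an extra process of the same package.
SAMPLE_PS = """\
USER     PID   PPID  VSIZE  RSS   WCHAN    PC         NAME
root     1     0     640    496   c00bd520 00019fb8 S /init
system   312   1     9000   5000  ffffffff 00000000 S system_server
u0_a44   1201  312   8000   4000  ffffffff 00000000 S com.android.email
u0_a71   1333  312   8000   4000  ffffffff 00000000 S com.rovio.angrybirds
u0_a71   1340  1333  8000   4000  ffffffff 00000000 S com.rovio.angrybirds:remote
"""

# Linux users that Android assigns to installed apps (user 0, app NN).
APP_USER = re.compile(r"^u\d+_a\d+$")


def mount_options(mount_output, mount_point):
    """Return the option list for `mount_point`, or None if it is not mounted."""
    for line in mount_output.splitlines():
        fields = line.split()
        if len(fields) >= 4 and fields[1] == mount_point:
            return fields[3].split(",")
    return None


def system_is_read_only(mount_output):
    """True when /system carries the `ro` mount option."""
    opts = mount_options(mount_output, "/system")
    return opts is not None and "ro" in opts


def app_users(ps_output):
    """Map each app package to the set of Linux users its processes run as."""
    result = {}
    for line in ps_output.splitlines()[1:]:       # skip the header row
        fields = line.split()
        if len(fields) < 2 or not APP_USER.match(fields[0]):
            continue                              # root/system daemons, not apps
        package = fields[-1].split(":")[0]        # "pkg:remote" -> "pkg"
        result.setdefault(package, set()).add(fields[0])
    return result


def shared_users(ps_output):
    """Users that more than one package runs as, i.e. packages sharing a sandbox."""
    by_user = {}
    for package, users in app_users(ps_output).items():
        for user in users:
            by_user.setdefault(user, set()).add(package)
    return {u: sorted(p) for u, p in by_user.items() if len(p) > 1}


def audit(mount_output, ps_output, crypto_state):
    """Return a list of findings; an empty list means all three checks passed."""
    findings = []
    if not system_is_read_only(mount_output):
        findings.append("/system is not mounted read-only")
    for user, packages in shared_users(ps_output).items():
        findings.append(f"{user} is shared by {', '.join(packages)}")
    if crypto_state.strip() != "encrypted":
        findings.append(f"user data partition state is '{crypto_state.strip()}'")
    return findings


if __name__ == "__main__":
    # On a device you would feed in the output of `adb shell mount`,
    # `adb shell ps` and `adb shell getprop ro.crypto.state`; the constructed
    # sample here is an unencrypted device, so one finding is expected.
    for finding in audit(SAMPLE_MOUNT, SAMPLE_PS, "unencrypted\n"):
        print("FINDING:", finding)
```

A shared-user finding is a prompt to look closer rather than proof of a problem: two packages signed with the same key can legitimately request one UID through `android:sharedUserId` in their manifests, which is exactly the kind of cross-app sharing the lecture says the per-app user model is meant to prevent, so the check surfaces it for review. The encryption check mirrors the lecture's point that user data is not encrypted by default and has to be turned on.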