be paranoid or not to be aliz e penel
play

BE PARANOID OR NOT TO BE ? Alize PENEL Linux and Android System - PowerPoint PPT Presentation

Oct 10, 2022 •234 likes •584 views

BE PARANOID OR NOT TO BE ? Alize PENEL Linux and Android System Developer Dev Team Member Agenda 02 03 01 Network Security Internet socket in Aspects Permission in Android OS Marshmallow INTERNET PERMISSION IN MARSHMALLOW

  1. BE PARANOID OR NOT TO BE ?

  2. Alizée PENEL Linux and Android System Developer Dev Team Member

  3. Agenda 02 03 01 Network Security Internet socket in Aspects Permission in Android OS Marshmallow

  4. INTERNET PERMISSION IN MARSHMALLOW

  5. INTERNET PERMISSION DECLARATION AndroidManifest.xml htups:/ /github.com/vx/connectbot from VX Solutjons

  6. INTERNET PERMISSION DEFINITION frameworks/base/core/AndroidManifest.xml

  7. MARSHMALLOW PERMISSIONS Permission are automatjcally granted at install tjme - UI shows permissions details - UI from Google Play, not from the system Dangerous permissions are granted at runtjme

  8. INTERNET PERMISSION INTERNALS On device : /system/etc/permissions/platgorm.xml system/core/include/private/android_fjlesystem_confjg.h root@genymotion:/ cat /data/system/packages.list

  9. MAPPING GID PROCESS

  10. That’s all ? Anything is checked at the runtjme ?

  11. NETWORK SOCKETS IN ANDROID OS

  12. THE BASICS

  13. JAVA.NET.SOCKET CLASS Any applicatjon can directly instantjate this class Even the framework uses it Packed in Android Java core library : core-libart.jar Source fjle : libcore/luni/src/main/java/net/Socket.java

  15. ANY PERMISSION CHECKED !?

  16. SOCKET SYSCALL IN BIONIC bionic/libc/bionic/socket.cpp Same type of declaratjon for connect and accept syscalls NetdClientDispath , C structure of 4 functjon pointers on 3 syscalls ( __socket, __connect, __accept4) & 1 functjon (fallBackNetIdForResolv)

  17. WHAT HAPPENING IN BIONIC ? As soon as bionic is loaded, the functjon __libc_preinit() is called by the dynamic linker In __libc_preinit() , call to netdClientInit() functjon The libnetd_client.so library is loaded by dlopen()

  18. WHAT HAPPENING IN BIONIC ? From libnetd_client.so library, bionic retrieves 4 functjon symbols : netdClientInitSocket() - netdClientInitConnect() - netdClientInitAccept4() - netdClientInitNetIdForResolv() - Call them, one by one, with their respectjve syscall as a parameter.

  19. NETDCLIENT LIBRARY

  20. IMPACTS ON NETDCLIENTDISPATCH STRUCTURE NetdClientDispatch structure does not contain the syscalls anymore It points on libnetd_client library functjons : netdClientSocket() - netdClientConnect() - netdClientAccept4() - getNetworkForResolv() -

  22. WHAT !?

  23. ANDROID KERNEL Android kernels have many modifjcatjons Every Android kernel has a network optjon actjvated : Paranoid

  24. PARANOID KERNEL OPTION It restricts access to some networking features depending on the group of the calling process include/linux/android_aids.h

  25. SOCKET CREATION IN THE KERNEL In net/ipv4/af_inet.c & net/ipv6/af_inet6.c, the process group is checked before creatjng the socket If not allowed, return EACCES

  26. SUMMARY

  27. INTEREST OF NETDCLIENT LIBRARY AND BIONIC TRICK Firewall marks in netd Networks packets are fmagged through a fwmark client/server mechanism Allow packets going through iptable rules, set by the OS In a “system case”, fwmark server checks also the permission of the process

  28. SECURITY ASPECTS

  29. DISCLAIMER I am NOT a Security developer Consider just the architectural aspect of the implementatjon

  30. HOW TO BREAK THE SYSTEM ? Internet permission Paranoid optjon Rooted devices

  31. HOW TO BREAK THE SYSTEM ? sharedUserId - A way to share permissions between packages - Permissions state is propagated to all packages upon changes Other applicatjons

  32. Thanks for your atuentjon ! PENEL Alizée apenel@genymobile.com www.genymobile.com

  33. QUESTIONS ?

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Jerry: Linda, do you think Im paranoid? Linda: Youre not really paranoid if

Jerry: Linda, do you think Im paranoid? Linda: Youre not really paranoid if

Jerry: Linda, do you think Im paranoid? Linda: Youre not really paranoid if everyone really is after you, Jerry. Jerry: Maybe all security people are crazy! Linda: No, theyre just insecure. Everything You

444 views • 17 slides
Becoming Paranoid Or how I learned to start worrying and fear the Internet George V.

Becoming Paranoid Or how I learned to start worrying and fear the Internet George V.

Becoming Paranoid Or how I learned to start worrying and fear the Internet George V. Neville-Neil www.neville-neil.com Why This Talk? To make all of you more paranoid Give people a grounding in current problems with securing internet

659 views • 33 slides
IBT Online W ebs ite Loc aliz ation and Inter national Online Mar k eting 2 8 Ma r c h 2 0 1 8

IBT Online W ebs ite Loc aliz ation and Inter national Online Mar k eting 2 8 Ma r c h 2 0 1 8

Go Global IBT Online W ebs ite Loc aliz ation and Inter national Online Mar k eting 2 8 Ma r c h 2 0 1 8 F o r : T h e V i r g i n i a I n t e r n a t i o n a l B u s i n e s s C o u n c i l , I n c HELL HE LLO! O! John Worthington

844 views • 36 slides
How to be a paranoid Dates of birth or just think like one Exposure to identity theft

How to be a paranoid Dates of birth or just think like one Exposure to identity theft

Leaking information Stealing 26.5 million veteran s data Pro rotection a and S d Securi rity Data on laptop stolen from employee s home (5/06) Veterans names Social Security numbers How to be a paranoid Dates of birth or

337 views • 5 slides
101 - Vi Visu sual aliz izat atio ion Vis is10 Lecture 6: The Visualization Alphabet:

101 - Vi Visu sual aliz izat atio ion Vis is10 Lecture 6: The Visualization Alphabet:

101 - Vi Visu sual aliz izat atio ion Vis is10 Lecture 6: The Visualization Alphabet: Marks and Channels This Week Homework 1! Lecture 5: Lecture 6: Section 2: Reading: No Device Policy Last Week Terms Dataset Types Data Types

861 views • 69 slides
How to be a paranoid or just think like one 1 2 Leaking information Stealing 26.5 million

How to be a paranoid or just think like one 1 2 Leaking information Stealing 26.5 million

Pro rotection a and S d Securi rity How to be a paranoid or just think like one 1 2 Leaking information Stealing 26.5 million veteran s data Data on laptop stolen from employee s home (5/06) Veterans names Social Security

580 views • 30 slides
How to be a paranoid or just think like one 1 2 Leaking information Stealing 26.5 million

How to be a paranoid or just think like one 1 2 Leaking information Stealing 26.5 million

Protection tion and Se Secur urity ity How to be a paranoid or just think like one 1 2 Leaking information Stealing 26.5 million veterans data Data on laptop stolen from employees home (5/06) Veterans names Social Security

619 views • 27 slides
Practical CFL conditions for MUSCL schemes solving Euler equations Yohan Penel 1 1 LRC Manon

Practical CFL conditions for MUSCL schemes solving Euler equations Yohan Penel 1 1 LRC Manon

Practical CFL conditions for MUSCL schemes solving Euler equations Yohan Penel 1 1 LRC Manon UPMC-LJLL, Univ. Paris 6 Joint work with C. Calgaro & E. Creus e (Univ. Lille 1, INRIA Lille) T. Goudon (INRIA Sophia-Antipolis) 14th

412 views • 29 slides
On the road to Navier-Stokes Yohan Penel Team ANGE (CEREMA, Inria, UPMC, CNRS) Project leader:

On the road to Navier-Stokes Yohan Penel Team ANGE (CEREMA, Inria, UPMC, CNRS) Project leader:

On the road to Navier-Stokes Yohan Penel Team ANGE (CEREMA, Inria, UPMC, CNRS) Project leader: Cindy Guichard (UPMC) COmplex Rheology SURface Flows Carg` ese June, 1st. 2017 1. Project 2. Settings 3. Derivation of the hierarchy of

760 views • 45 slides
Infrastructure Design For The Professionally Paranoid Or: Ticking The Boxes For Fun And Profit

Infrastructure Design For The Professionally Paranoid Or: Ticking The Boxes For Fun And Profit

Infrastructure Design For The Professionally Paranoid Or: Ticking The Boxes For Fun And Profit Mika Bostrm <mika.bostrom@smarkets.com> Infrastructure Engineer, Information Security Officer[], semi-professional interviewer, Systems

411 views • 19 slides
Intro to Networking for the Insufficiently Paranoid Mihai Christodorescu CS 642 Spring 2007

Intro to Networking for the Insufficiently Paranoid Mihai Christodorescu CS 642 Spring 2007

Intro to Networking for the Insufficiently Paranoid Mihai Christodorescu CS 642 Spring 2007 mihai@cs.wisc.edu Original slides by Jonathon Giffin Internet: Attack and Defenses Makes communication easier and faster Makes attacks

1.05k views • 66 slides
Agility UNC COMP 523 October 5, 2020 Jeff Terrell 1 / 49 Announcements music: Paranoid Android

Agility UNC COMP 523 October 5, 2020 Jeff Terrell 1 / 49 Announcements music: Paranoid Android

Agility UNC COMP 523 October 5, 2020 Jeff Terrell 1 / 49 Announcements music: Paranoid Android by Radiohead, who exhibit great musical agility IMO please join our class on OpenClass.ai before Q4 on Wednesday see Piazza for a link Q1

883 views • 49 slides
Cryptography for the paranoid Daniel J. Bernstein (University of Illinois at Chicago, Technische

Cryptography for the paranoid Daniel J. Bernstein (University of Illinois at Chicago, Technische

Cryptography for the paranoid Daniel J. Bernstein (University of Illinois at Chicago, Technische Universiteit Eindhoven) Based on joint work with: Tanja Lange (Technische Universiteit Eindhoven) Christiane Peters (Danmarks Tekniske

1.12k views • 89 slides
Cybercrime Threats and Future Dark Musings from a Professional Paranoid Alex Stamos, Partner

Cybercrime Threats and Future Dark Musings from a Professional Paranoid Alex Stamos, Partner

Cybercrime Threats and Future Dark Musings from a Professional Paranoid Alex Stamos, Partner March 31 st , 2009 https://www.isecpartners.com Our Discussion Today Where are we today? Notes from the security front Recent incidents

754 views • 44 slides
Security Basics - Lessons From a Paranoid Stuart Larsen Yahoo! Paranoids - Pentest

Security Basics - Lessons From a Paranoid Stuart Larsen Yahoo! Paranoids - Pentest

Security Basics - Lessons From a Paranoid Stuart Larsen Yahoo! Paranoids - Pentest Overview Threat Modeling - Common Web Vulnerabilities - Automated Tooling - Modern Attacks - whoami Threat Modeling Analyzing the security of an

558 views • 44 slides
Paranoid Habits Part 1: Security Tips Denis Rechkunov @pragmader / pragmader.me Whats this

Paranoid Habits Part 1: Security Tips Denis Rechkunov @pragmader / pragmader.me Whats this

Paranoid Habits Part 1: Security Tips Denis Rechkunov @pragmader / pragmader.me Whats this about? Topics: Authentication Phishing PGP SSH USB Networking Can I trust you, Denis? Trust no one,

531 views • 41 slides
The Firewall Android Deserves: A Context-aware Kernel Message Filter and Modifier David Wu

The Firewall Android Deserves: A Context-aware Kernel Message Filter and Modifier David Wu

The Firewall Android Deserves: A Context-aware Kernel Message Filter and Modifier David Wu Agenda Overview of project Android security background Binder IPC BinderFilter Logging and analysis tools Picky Demos

631 views • 51 slides
S C A L I N G H A D O O P I N & O U T O F T H E P R I VAT E C L O U D P R I VA T E C

S C A L I N G H A D O O P I N & O U T O F T H E P R I VAT E C L O U D P R I VA T E C

J E F F K R A M E R ( H P H E L I O N ) S C A L I N G H A D O O P I N & O U T O F T H E P R I VAT E C L O U D P R I VA T E C L O U D S A R E L I K E Flickr Photo by John Lustig

751 views • 20 slides
CS 403X Mobile and Ubiquitous Computing Lecture 2: Introduction to Android Emmanuel Agu What is

CS 403X Mobile and Ubiquitous Computing Lecture 2: Introduction to Android Emmanuel Agu What is

CS 403X Mobile and Ubiquitous Computing Lecture 2: Introduction to Android Emmanuel Agu What is Android? Android is worlds leading mobile operating system Google: Owns Android, maintains it, extends it Distributes Android OS,

589 views • 35 slides
Final project lightning talks In your collaboration teams: People who havent presented

Final project lightning talks In your collaboration teams: People who havent presented

Welcome back to [occ]! (last day) Online Communities & Crowds Welcome back to [occ]! (last day) 2014-12-06 Final project lightning talks In your collaboration teams: Welcome back to [occ]! (last day) People who havent presented

599 views • 22 slides
CS5530 Mobile/Wireless Systems GPS/Location in Android Yanyan Zhuang Department of Computer

CS5530 Mobile/Wireless Systems GPS/Location in Android Yanyan Zhuang Department of Computer

CS5530 Mobile/Wireless Systems GPS/Location in Android Yanyan Zhuang Department of Computer Science http://www.cs.uccs.edu/~yzhuang UC. Colorado Springs CS5530 Ref. CN5E, NT@UW, WUSTL Android Location Interface 1. Request permission in

207 views • 10 slides
Mobile Applications and Cloud Computing Mobile Applications and Cloud Computing 2015 Leonardo

Mobile Applications and Cloud Computing Mobile Applications and Cloud Computing 2015 Leonardo

Security aspects in Mobile Applications and Cloud Computing Mobile Applications and Cloud Computing 2015 Leonardo Aniello, Ph.D. aniello@dis.uniroma1.it Outline Security aspects in mobile applications Current situation Security

460 views • 30 slides
More Android 1 How hard was week 9 code review assignment? A) Easy

More Android 1 How hard was week 9 code review assignment? A) Easy

More Android 1 How hard was week 9 code review assignment? A) Easy B) Moderate C) Challenging D) Unreasonable 2 How long did week 9 assignment take? A) Less than 2 hours

593 views • 11 slides
Mobile Subscriber WiFi Privacy Piers OHanlon Ravishankar Borgaonkar Lucca Hirschi (LSV,

Mobile Subscriber WiFi Privacy Piers OHanlon Ravishankar Borgaonkar Lucca Hirschi (LSV,

Department of Computer Science Mobile Subscriber WiFi Privacy Piers OHanlon Ravishankar Borgaonkar Lucca Hirschi (LSV, University Paris-Saclay) MoST IEEE S & P Workshop 2017 Overview Mobile identifiers IMSI Catchers/Trackers

599 views • 27 slides

More recommend