Hackers of India

Android Kernel and OS Security Assessment with Iron Crow

By Akhil Arora, Sumanth Naropanth on 17 Oct 2014 @ Blackhat


Abstract

Android is a pliable environment bent into different shapes by different OEMs. While Android offers several security mechanisms at the framework and at the application levels, there’s little it offers to an OEM that customizes Android. We have seen vulnerabilities in Android stemming out of excess file permissions, processes left running as root or system after a debug cycle, privileged security capabilities in an attempt to avoid setuid files, and so on. While there are tools to run partial checks at either the Android framework level or at the Linux layer, we do not have a powerful tool that can scan for platform level vulnerabilities. We announce our tool called Iron Crow that can greatly benefit Android BSP developers and OEMs to catch vulnerabilities of this nature - thereby protecting end users, improving the security of Android, and also protecting themselves from media reprimand.

AI Generated Summary (may contain errors)

The speaker presents a tool for Android security assessment. The tool checks for various vulnerabilities such as world-writable files. It also checks for setuid files, and it has a whitelist to identify allowed processes running as root or system. The tool can be configured intelligently by OEMs or vendors to allow certain features.

The speaker highlights the importance of having such a tool in the Android ecosystem, where multiple entities contribute to the codebase, making thorough security testing challenging. They propose that this tool should be made an essential part of the gating criteria or exit criteria for OEMs before shipping their products.

The tool is currently of beta/pre-beta quality and will soon be made publicly available. The speaker invites interested parties to reach out to them for more information.

Some key features of the tool include:

The speaker believes that this tool will be useful to OEMs, MNOs, vendors, security assessment teams, and Linux developers.