首页
社区
课程
招聘
[原创]android 4.2 安全新特性
发表于: 2013-6-28 14:34 10294

[原创]android 4.2 安全新特性

2013-6-28 14:34
10294

Android 4.2发布已有很长时间了。有一些安全新特性。分析一下:

•Application verification — Users can choose to enable “Verify Apps" and have applications screened by an application verifier, prior to installation. App verification can alert the user if they try to install an app that might be harmful; if an application is especially bad, it can block installation.
         安装前可以通过连接到google云进行在线检测,如果结果不理想。。。可以不安装。

        核心就是检测的原理和效果如何-------后续专题介绍

Verify apps over usb — 为了调试方便,通过usb安装应用时禁用应用检查,但在其余的诸如浏览器来源的应用上仍保持此验证过程。这有助于在保持安全选项打开的情况下,加速应用开发。

•More control of premium SMS — Android will provide a notification if an application attempts to send SMS to a short code that uses premium services which might cause additional charges. The user can choose whether to allow the application to send the message or block it.
       恶意订购赶脚就在中国比较猖獗吧。这次android会在程序自动发短信api时弹出确认对话框。

其实这个API根本没有存在的必要,调用系统的短信应用即可(这也是给程序猿的建议。)

        后续android的安全新进展就是对这些敏感api的控制了!!要嘛是运行时弹框,要嘛直接删除!

•Always-on VPN — VPN can be configured so that applications will not have access to the network until a VPN connection is established. This prevents applications from sending data across other networks.
            灰常牛逼的功能。可以控制每个应用的VPN策略,如果配以MDM的远程管理。这是DLP的衍生啊!防止数据外泄的有效手段。本来我们是通过SEAdnroid 和IPtables实现的。

           

•Certificate Pinning — The libcore SSL implementation now supports certificate pinning. Pinned domains will receive a certificate validation failure if the certificate does not chain to a set of expected certificates. This protects against possible compromise of Certificate Authorities.
            PC上证书机制比较健全了,双向SSL也比较完善,根证书的存储和管理也比较完善。 手机不然,很容易被MITM。程序猿也容易咋程序处理中简化处理。

Certificate Pinning它的作用在于限制特定数量的证书颁发机构与某一域名相关 。毕竟软件大多只和固定的IP通信     。   

后续专题介绍。

•Improved display of Android permissions — Permissions have been organized into groups that are more easily understood by users. During review of the permissions, the user can click on the permission to see more detailed information about the permission.
          谁都看不懂的权限提示和分类,一大堆学术论文研究这儿。。。。

•installd hardening — The installd daemon does not run as the root user, reducing potential attack surface for root privilege escalation.
           installd 确实没必要uid=0.。。很容易被攻击。

•init script hardening — init scripts now apply O_NOFOLLOW semantics to prevent symlink related attacks.
             防止symlink攻击的!

•FORTIFY_SOURCE — Android now implements FORTIFY_SOURCE. This is used by system libraries and applications to prevent memory corruption.
            

detect and prevent a subset of the buffer overflows before they can do damage. The idea behind FORTIFY_SOURCE is relatively simple: there are cases where the compiler can know the size of a buffer (if it’s a fixed sized buffer on the stack, as in the example, or if the buffer just came from a malloc() function call). With a known buffer size, functions that operate on the buffer can make sure the buffer will not overflow. FORTIFY_SOURCE in Fedora 8 has been enhanced to cover C++ in addition to C, which prevents many security exploits.

•ContentProvider default configuration — Applications which target API level 17 will have “export” set to “false” by default for each ContentProvider, reducing default attack surface for applications.
              组件安全的问题,这个玩意尽然缺省是导出的。。。现在改为不导出。

•Cryptography — Modified the default implementations of SecureRandom and Cipher.RSA to use OpenSSL. Added SSLSocket support for TLSv1.1 and TLSv1.2 using OpenSSL 1.0.1
           以后还得增强。。这都是基础的!

•Security Fixes — Upgraded open source libraries with security fixes include WebKit, libpng, OpenSSL, and LibXML. Android 4.2 also includes fixes for Android-specific vulnerabilities. Information about these vulnerabilities has been provided to Open Handset Alliance members and fixes are available in Android Open Source Project. To improve security, some devices with earlier versions of Android may also include these fixes.
        漏洞patch了。

Protected content
版权保护的机制,这靠谱吗。。。这东西搞了很多年了,没有太多价值!!

可以查询电视等设备是否是具有安全视频能力,查询一个显示器是否支持安全视频输出或支持图像缓冲保护。同时在SurfaceView 对象加入了新的安全机制,应用可以设置安全标志位,来标记其中的内容不会出现于不提供安全显示输出的显示器上。就是发现设备不安全就不显示。。。毛!!这么吊!


[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)

收藏
免费 5
支持
分享
最新回复 (1)
雪    币: 1413
活跃值: (401)
能力值: (RANK:270 )
在线值:
发帖
回帖
粉丝
2
扣费SMS,俄罗斯好像也蛮严重的……这个功能最大的作用其实是提供了一堆全球各国扣费号码的正则表达式。。

证书锁定……没说清楚的样子,等下一专题。

好像还有一些改进文档里没说,比如adb调试的用户许可。以及最近发现Google在偷偷地改一些以前上报的功能设计问题。
2013-6-28 15:42
0
游客
登录 | 注册 方可回帖
返回
//