Android Security

Recommendations

Info

Untrustworthy TrustZone TrustZone Vulnerabilities • Problem: TZ OS is often vendor defined, closed source – Google trying to standardize with “Trusty OS” – Qualcomm (most common) has own, and BUGGY • http://bits-please.blogspot.com – AMAZING detail of trustzone exploitation on MSM, step-by-step – Particularly as of /2015/03/getting-arbitrary-code-execution-in.html (C) 2016 Jonathan Levin & Technologeeks.com - Share freely, but please cite source!
Untrustworthy TrustZone <strong>Android</strong> Vulnerabilities (C) 2016 Jonathan Levin & Technologeeks.com - Share freely, but please cite source!
Page 1 and 2: Android Security: Same-ol’, Same-
Page 3 and 4: Android Internals::about “Android
Page 5 and 6: Mobile Security Trusted app may be
Page 7 and 8: Local Attacks (rogue app, malware)
Page 9 and 10: Android Security A little history (
Page 11 and 12: Android Security Android Applicatio
Page 13 and 14: Android Security Android Code Bases
Page 15 and 16: Android Security Updates (or lack t
Page 17 and 18: Code Injection Prelude: Vectors for
Page 19 and 20: Counter- CounterMeasures for Code I
Page 21 and 22: Top 3 Risks Top 3 risks - #3: File
Page 23 and 24: Top 3 Risks Top 3 risks - #2: Binde
Page 25 and 26: Top 3 Risks Top 3 risks - #1: Linux
Page 27: Untrustworthy TrustZone Android & T
Page 31 and 32: So, overall.. • Sad Truth: Androi

Android Security

Create successful ePaper yourself

Delete template?

Save as template?