Zarafa Summercamp 2012 - Android workshop

Post on 13-May-2015


Build an app that reveals security holes on Android

Workshop

Freek Kauffmann, Paul Lammertsma

Before we start

1. Connect to the open wireless network

2. Android setting: allow non-market applications

3. Download AIDE from Google Play

APPS!

Android

• What are the security principles of Android?
  – POSIX based (Linux)
  – User IDs and File Access
  – Permissions
  – Application signing (identifies developer)
  – Sandboxing (application isolation)

Android

• Implications of rooting your device?
  – You can modify the Operating System
  – You can replace all applications
  – Access all application data
  – Grant/revoke permissions
  – Send data to and from the phone

• Others (malicious software?) can do the same!*

Android

• Facebook SDK exploit (April, David Poll)
  – Logcat
  – Let’s hack this!

We’ll make an app that…

• Steals Facebook login from bona fide apps
  – Draw Something Free
  – Hootsuite
  – Facebook Marketplace (Oodle)
  – Soundhound
  – LauncherPro
  – Sleepy Jack
  – Airport City, Diamonds Blaze and others by Game Insight

https://github.com/pflammertsma/FacebookThief.git


Facebook Thief

Tap to enable the background service

Freek Kauffmann, freek.kauffmann@itq.nl

Paul Lammertsma, paul@pixplicity.com
