avoiding the pandora pitfall joe brady sr. solutions architect
TRANSCRIPT
![Page 1: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/1.jpg)
Avoiding the Pandora Pitfall Secure Coding Practices for
Android Application Privacy
Joe Brady
Sr. Solutions Architect
November 29, 2011
![Page 2: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/2.jpg)
About Veracode
Veracode Confidential Veracode Confidential 2
![Page 3: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/3.jpg)
3
Privacy
Implications
2 Case Studies
Mobile Security
Landscape
1 4 Q&A
![Page 4: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/4.jpg)
Risk - noun \`risk\
The possibility of loss or injury
![Page 5: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/5.jpg)
SMS
PC Sensitive Data
Financial data
Corporate data
Computing power
Contact List
Photos
…
![Page 6: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/6.jpg)
Mobile Mitigations
Patch methodology
Process isolation
Reasonable permission
model
Some disk encryption
Code signatures
…
![Page 7: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/7.jpg)
10.9 billion mobile apps downloaded in 2010, according to IDC
Expected to rise to 76.9 billion apps by 2014
![Page 8: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/8.jpg)
Activity monitoring and data retrieval
Unauthorized dialing, SMS, and
payments
Unauthorized network
connectivity (exfiltration
or command & control)
UI impersonation
System modification
(rootkit, APN proxy
config)
Logic or time bomb
Part 1: Malicious Code
![Page 9: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/9.jpg)
Part 2: Code Vulnerabilities
Sensitive data leakage (inadvertent or side
channel)
Unsafe sensitive data storage
Unsafe sensitive data transmission
Hardcoded password/keys
![Page 10: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/10.jpg)
Case Study: Hardcoded Passwords
![Page 11: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/11.jpg)
![Page 12: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/12.jpg)
Case Study: Unsafe Data Transmission
![Page 13: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/13.jpg)
![Page 14: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/14.jpg)
![Page 15: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/15.jpg)
Case Study: Unsafe Data Writes
![Page 16: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/16.jpg)
![Page 17: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/17.jpg)
![Page 18: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/18.jpg)
Case Study: Data Exfiltration
![Page 19: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/19.jpg)
WSJ Breaks Story on Pandora
Investigation
“Federal prosecutors in New Jersey are investigating whether numerous smartphone applications illegally obtained or transmitted information about their users without proper disclosures”
![Page 20: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/20.jpg)
-- JD-GUI -- Veracode Engine
![Page 21: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/21.jpg)
JD-Gui Analysis
![Page 22: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/22.jpg)
AdMob Location Requests
![Page 23: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/23.jpg)
AdMob AndroidID Request
![Page 24: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/24.jpg)
Android Manifest Permissions
ACCESS_CHECKIN_PROPERTIES ACCESS_COARSE_LOCATION ACCESS_FINE_LOCATION ACCESS_LOCATION_EXTRA_COMMANDS ACCESS_MOCK_LOCATION ACCESS_NETWORK_STATE ACCESS_SURFACE_FLINGER ACCESS_WIFI_STATE ACCOUNT_MANAGER AUTHENTICATE_ACCOUNTS BATTERY_STATS BIND_APPWIDGET BIND_DEVICE_ADMIN BIND_INPUT_METHOD BIND_REMOTEVIEWS BIND_WALLPAPER BLUETOOTH BLUETOOTH_ADMIN BRICK BROADCAST_PACKAGE_REMOVED BROADCAST_SMS BROADCAST_STICKY BROADCAST_WAP_PUSH CALL_PHONE CALL_PRIVILEGED CAMERA CHANGE_COMPONENT_ENABLED_STATE CHANGE_CONFIGURATION CHANGE_NETWORK_STATE CHANGE_WIFI_MULTICAST_STATE CHANGE_WIFI_STATE CLEAR_APP_CACHE CLEAR_APP_USER_DATA CONTROL_LOCATION_UPDATES DELETE_CACHE_FILES DELETE_PACKAGES DEVICE_POWER DIAGNOSTIC DISABLE_KEYGUARD
DUMP EXPAND_STATUS_BAR FACTORY_TEST FLASHLIGHT FORCE_BACK GET_ACCOUNTS GET_PACKAGE_SIZE GET_TASKS GLOBAL_SEARCH HARDWARE_TEST INJECT_EVENTS INSTALL_LOCATION_PROVIDER INSTALL_PACKAGES INTERNAL_SYSTEM_WINDOW INTERNET KILL_BACKGROUND_PROCESSES MANAGE_ACCOUNTS MANAGE_APP_TOKENS MASTER_CLEAR MODIFY_AUDIO_SETTINGS MODIFY_PHONE_STATE MOUNT_FORMAT_FILESYSTEMS MOUNT_UNMOUNT_FILESYSTEMS NFC PERSISTENT_ACTIVITY PROCESS_OUTGOING_CALLS READ_CALENDAR READ_CONTACTS READ_FRAME_BUFFER READ_HISTORY_BOOKMARKS READ_INPUT_STATE READ_LOGS READ_PHONE_STATE READ_SMS READ_SYNC_SETTINGS READ_SYNC_STATS REBOOT RECEIVE_BOOT_COMPLETED RECEIVE_MMS
RECEIVE_SMS RECEIVE_WAP_PUSH RECORD_AUDIO REORDER_TASKS RESTART_PACKAGES SEND_SMS SET_ACTIVITY_WATCHER SET_ALARM SET_ALWAYS_FINISH SET_ANIMATION_SCALE SET_DEBUG_APP SET_ORIENTATION SET_PREFERRED_APPLICATIONS SET_PROCESS_LIMIT SET_TIME SET_TIME_ZONE SET_WALLPAPER SET_WALLPAPER_HINTS SIGNAL_PERSISTENT_PROCESSES STATUS_BAR SUBSCRIBED_FEEDS_READ SUBSCRIBED_FEEDS_WRITE SYSTEM_ALERT_WINDOW UPDATE_DEVICE_STATS USE_CREDENTIALS USE_SIP VIBRATE WAKE_LOCK WRITE_APN_SETTINGS WRITE_CALENDAR WRITE_CONTACTS WRITE_EXTERNAL_STORAGE WRITE_GSERVICES WRITE_HISTORY_BOOKMARKS WRITE_SECURE_SETTINGS WRITE_SETTINGS WRITE_SMS WRITE_SYNC_SETTINGS
![Page 25: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/25.jpg)
https://market.android.com/details?id=com.pandora.android&feature=search_result – 4/25/2011
Phone Calls Read Phone State and
Identity
System Tools
Modify Global System
Settings
Prevent Device From
Sleeping
Bluetooth Administration
Change Wi-Fi State
Change Network
Connectivity
Automatically Start at Boot
Network Communication Full Internet Access
Create Bluetooth
Connections
View Network State
View Wi-Fi State
Your Personal
Information Read Contact Data
Add or Modify Calendar
Events
and Send Email To
Guests
![Page 26: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/26.jpg)
Google purchases AdMob for $750 million dollars. Closed
May, 2010
Just a bit deeper…
![Page 27: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/27.jpg)
Permissions retrieved from official Android Marketplace on 4/25/2011
100,000 – 500,000 installations
Permissions:
• FINE (GPS) LOCATION
• COARSE (NETWORK-BASED) LOCATION
• FULL INTERNET ACCESS
5,000,000 – 10,000,000 installation Permissions:
•RECORD AUDIO
•CHANGE YOUR AUDIO SETTINGS
• FINE (GPS) LOCATION
•COARSE (NETWORK-BASED) LOCATION
• FULL INTERNET ACCESS
•MODIFY/DELETE USB STORAGE CONTENTS MODIFY/DELETE SD CARD CONTENTS
• PREVENT DEVICE FROM SLEEPING
ESPN, CBS Interactive, Geico, Starbucks…
![Page 28: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/28.jpg)
CBS News Advertising Networks
![Page 29: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/29.jpg)
TV.com Advertising Networks
![Page 30: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/30.jpg)
1. http://www.rollingstone.com/culture/blogs/gear-up/pandora-
responds-to-claims-that-its-online-service-violates-user-privacy-
20110415
One
week
later...
![Page 31: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/31.jpg)
Privacy?
![Page 32: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/32.jpg)
Here are Some Numbers…
![Page 33: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/33.jpg)
Total Third Party Libraries: ~83,000 Top Shared Libraries
38% com.admob (18,426 apps ) 8% org.apache ( 3,684 apps ) 6% com.google.android ( 2,838 apps ) 6% com.google.ads ( 2,779 apps ) 6% com.flurry ( 2,762 apps ) 4% com.mobclix ( 2,055 apps ) 4% com.millennialmedia ( 1,758 apps) 4% com.facebook ( 1,707 apps)
An
d E
ve
n M
ore
Nu
mb
ers
…
![Page 34: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/34.jpg)
Code Reuse
Outsourcing
Third Party Libraries
![Page 35: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/35.jpg)
Risk Transference
Your code Your libraries
Outsourced code 3rd party libraries Purchased code
COTS code
Contract your vendors to do the same
I’ll Accept that Risk!
Pass it on over..
![Page 36: Avoiding the Pandora Pitfall Joe Brady Sr. Solutions Architect](https://reader031.vdocuments.us/reader031/viewer/2022020705/61fb863a2e268c58cd5f3168/html5/thumbnails/36.jpg)
Summary
Case Studies
No Hardcoded Passwords
Encrypt Data In Transit
Secure Data At Rest
Analyze Security of ALL Code
(Includes Code Reuse)
Joe Brady
Tyler Shields
@txs