Video: Security vendor demonstrates Android exploits

Jon Oberheide of Duo Security has released a video demonstrating two security vulnerabilities which could allow apps to take control of Android devices.

The video was created to generate interest in the firm's upcoming workshop on mobile security at the SOURCE security conference in Barcelona this November.

Last year Oberheide was responsible for exposing a weakness in Google's Android Marketplace, which allowed the remote installation of malicious code from within an app.

The first vulnerability demonstrated in the new video affects all Android devices. It allows an already installed app to install other apps without prompting the user to approve their permissions.

He says this problem can also be exploited by an attack which compromises an otherwise safe app after it has been installed.

The second attack demonstrated would allow an app to gain full control over an Android device by using a Linux kernel exploit which bypasses security permission limitations.

While Google's lack of control over Android vendors and handsets has been instrumental in its success, it also poses significant security challenges. By ceding control over the application of updates to Android devices, Google has created a system where commercial factors may outweigh the best interests of consumers.

Even if Samsung, HTC, or Motorola believes it is in their best interest to offer immediate updates, in many cases their decisions may be overruled by a carrier whose primary interest is ensuring control over customers' phones.

Written by: Rich Fiscus @ 21 Sep 2011 15:41

A5J4DX

woah

21.9.2011 16:25 #1

KillerBug

Yeah...like a blast from the past, this guy has shown up and demonstrated what everyone with ROOT has known about since they got their android phones. Copy an app to system\app and it is installed, simple as that.

This is why I have an Android...I want to be able to use a file manager (an app) to instal (and more importantly, uninstall) apps manually. And I want to be able to root as well. Sure HTC and Samsung would be happy to lock devices down like a PS3...but I don't want that.

Anyway, I do regular backups, and restoring a complete back up takes under 10 minutes including wiping the old.

21.9.2011 21:46 #2

i1der

Is hard to care about customer while getting their money, too much task for so little people. if this doesn't change we will see nexus phones been the choice for most people... And maybe Google network if ever build will be a easy choice as well, even sprint is getting greed with 5gb cap for tether.

21.9.2011 21:59 #3

Hyasuma

Originally posted by KillerBug: Yeah...like a blast from the past, this guy has shown up and demonstrated what everyone with ROOT has known about since they got their android phones. Copy an app to system\app and it is installed, simple as that.

This is why I have an Android...I want to be able to use a file manager (an app) to instal (and more importantly, uninstall) apps manually. And I want to be able to root as well. Sure HTC and Samsung would be happy to lock devices down like a PS3...but I don't want that.

Anyway, I do regular backups, and restoring a complete back up takes under 10 minutes including wiping the old. agree indeed!

21.9.2011 23:01 #4

xtago

HTC and Samsung devices have been rooted already, months ago.

The US is just behind the times.

22.9.2011 04:39 #5

KillerBug

Originally posted by xtago: HTC and Samsung devices have been rooted already, months ago.

The US is just behind the times.
What are you talking about? They were rooted YEARS ago, in every country. Even when a device is launched without rooting tools from the maker, it is rooted soon after. Heck, my Sensation 4G was rooted before HTC had USB drivers for it on their website!

22.9.2011 05:40 #6

AfterDawn: News