Black Hat 2011: Researchers Demonstrate Android Vulnerabilities
Google’s Chrome OS isn’t the only system that’s taking a figurative beating at the upcoming Black Hat conference. A team of researchers from antimalware vendor Dasient Inc. is slated to demonstrate a serious security threat to Android phones, one which could enable an attacker to gain network access in order to steal data off the system. That…doesn’t sound good.
WebKit Floating Point Vulnerability

“It is possible to write an attack such that when a user simply navigates to a webpage on a mobile phone, the attacker can get a backdoor channel to the phone,” said Neil Daswani, CTO of Dasient, Incorporated. “Basically, you can construct an exploit which gives you network access to the compromised phone.” Yet again, we see the unfortunate reality of the mobile ecosystem, and the need for more security software geared towards smartphones.
At the upcoming Black Hat conference (basically, a bunch of security gurus demonstrating what’s broken in modern security software and figuring out how to fix it), the team plans to demonstrate an attack which targets a flaw in the platform’s WebKit browser engine, along with a coding error in Skype, to bypass Android’s sandbox isolation security feature. For those of you who don’t know, WebKit is a very common browser engine, used in many PC and mobile browsers, including Google Chrome, Apple Safari and HP WebOS. This isn’t the first time security flaws have been found with the engine, and it likely won’t be the last; a lot of the current vulnerabilities, many of which stem from memory corruption errors, are extremely difficult to patch.
Application Memory Leaks

The vulnerability, the full details of which will be released August 4th at the conference, isn’t the only problem Dasient found with Android. Apparently, a lot of Android applications have a pretty severe leakage problem. Literally hundreds of apps for Google’s platform leak data like sieves. Out of over 10,000 apps, the research team found privacy violations in 800. That doesn’t seem like a big number, until you consider the fact that that’s nearly 10% of apps. 10% too many, if you ask me.
In some cases, the applications sent out text messages to other phones without the express permission of the user. Others transmitted the user device IDs, usernames, and contact information to various servers. The worst part about all this? Dasient found that in most cases, the data leaks weren’t actually intentionally malicious in nature; most of the issues were a result of incorrect coding.
“It’s clear the developers were not taking care with users’ private information,” Daswani stated. “These applications need to be coded and built more carefully if indeed we want mobile applications to maintain the trust of users.”
Uh, yeah. Let’s hope Google starts cracking down on said developers. I’m not sure I like the idea of my personal data being leaked out to numerous locations, even if it’s not intentionally malicious. And I’m pretty certain most smartphone users will share my sentiments.

Because even if these vulnerabilities and leaks aren’t malicious, who’s to say someone malicious couldn’t come along and exploit them?
Via Search Security, Search Security






