back to article Boffins propose security shim for Android

An international group of researchers believes Android needs more extensible security, and is offering up a framework they hope either Google or mobe-makers will take for a spin. The project is described in this paper slated for the Usenix Security Symposium on Friday in San Diego. The researchers from Germany's Technische …

  1. Shannon Jacobs
    Holmes

    It's the humans, stupid, and boy, are they stupid

    I think the single approach that would most hurt the criminals would be if the suckers would stop installing their apps, and the single kind of information that would most deter the suckers from installing the apps is knowing the REAL financial motivations of whoever is distributing the app.

    Of course, that kind of "reality" is too much to hope for, but if some attempt were made to present the financial information, then it would help in a lot of cases. Most of the legitimate financial models are pretty well known, and the google could basically offer them as selectable options--and in most of those cases the google could offer some independent evidence as to whether or not the developer is telling the truth, and lock that part down so the developer can't tamper with it. Does the developer say he will get money from ads? Then the google can say they are paying advertising revenue. Is it a limited version for a paid version? Then the google can report that a paid version actually exists and is actually earning some sales.

    Of course the google doesn't understand this, do they?

    1. Matt 21

      Re: It's the humans, stupid, and boy, are they stupid

      I think we're also coming back to the permission problem where apps ask for ridiculous amounts of access and Google seem to go along with this making it harder to see what's going on.

      The only way to get this to work is to root the phone and remove these silly access privileges. Even then I'm not convinced of the security.

      I have to say it made me laugh when I read yesterday that the police are sating criminals nick phones to get personal information. A lot of people give away that information on Facebook and even if they don't most apps have such sweeping access that they'll have got it anyway.

      1. RoninRodent

        Re: It's the humans, stupid, and boy, are they stupid

        If you have Jellybean or later (not sure if it works on older versions) you can install AppOps from the play store which lets you remove individual permissions from apps. It also tells you exactly what permissions an app has if you can't remember and if the app is actually using those permission rules or not.

        For example I can see a list of everything that has access to "messaging" and for each app I can see exactly what access it has. The Android entry can read, receive, write, delete and send SMS as you would expect. AirDroid can too but I can see it hasn't done so in months (since I last read my messages on my PC). I can revoke each individual permission from any app I like.

        1. Matt 21

          Re: It's the humans, stupid, and boy, are they stupid

          Fair enough but it only works on some versions, mine's too old and the other phone I've got is too new.

          It also breaks some programs. If you root the phone there's a program which will provide fake data so all programs keep working. However, this again needs you to root the phone.

        2. g e

          Re: It's the humans, stupid, and boy, are they stupid

          Not in 4.4.2 sadly, Google removed something that made it happen

        3. Gene Cash Silver badge
          FAIL

          Re: It's the humans, stupid, and boy, are they stupid

          And here's another problem with Android security... I just looked for "app ops" on my Moto G and there are no fewer than 24 apps named that, maybe about 30 named "app ops [something]" and another couple dozen named "permissions manager"

          Some of those have got to be malware, and I have no way to tell good guys from bad guys.

          1. eulampios

            Re: It's the humans, stupid, and boy, are they stupid

            >>Some of those have got to be malware, and I have no way to tell good guys from bad guys.

            Ever tried checking permissions? Bad or good it all comes to what they are capable of doing as well as if a developer is lazy/incompetent to require unneeded permissions. Look for the open source ones (check if it is really an open source) as well, this would be a better guarantee for it be a good one.

    2. Anonymous Coward
      Anonymous Coward

      Re: It's the humans, stupid, and boy, are they stupid

      "and is offering up a framework they hope either Google or mobe-makers will take for a spin."

      Running the Google shiteware under something far more secure such as Windows Phone or Blackberry would probably be a good start.

  2. AMBxx Silver badge
    Mushroom

    Or

    We could all just buy a Blackberry - they let you do most, if not all, of this already.

    Why no Blackberry Icon? We have windows, android and iThing, but no Blackberry.

    1. James 51

      Re: Or

      You beat me to it. When I installed a torch app on my Q10 it asked for stuff like GPS, contacts, internet etc etc but as it was a native app I was able to deselect them all and the app still worked (as turning the flash on required none of those things). With ported Android apps or running those apps directly, you have to accept or reject the entire app. Huge, huge flaw in Android design.

      1. Charles 9

        Re: Or

        Huge, huge flaw in Android design.

        Actually, that was BY design. Remember that once upon a time, Android was behind Apple in the app market so they needed a way to convince app devs to jump on board. A permission system geared more to them was one way to convince them. And once you have that, the genie's basically out of the bottle since trying to curtail them NOW will break too many things: many with no alternatives.

        1. Test Man

          Re: Or

          Don't see why not - Microsoft introduced UAC at a time when development processes was very entrenched (coding the application to write anywhere willy nilly, etc.). We've all seemed to have grown accustomed to it now, as developers now tend to write applications that write to proper areas (user area, etc.). Maybe it'll be the same with Android when developers realise that people can turn off permissions at will?

          1. Charles 9

            Re: Or

            Microsoft was in an Apple-like position: owning the dominant desktop OS in the market, which meant devs had to play by Microsoft's rules or not at all. Android has only just edged iOS for dominant mobile OS and not by much, meaning Android devs could still take their app and go back to Apple.

        2. eulampios

          @Charles 9

          >>Actually, that was BY design.

          What design are you talking about exactly? For apps permissions:

          --- to have them separate in the first place and be able to see them, or

          -- being able to allow or not allow those permissions separately while still able to install an app?

          As I believe, the latter was available for all versions of BB greater than or equal to 5.0 (since 2009). As far as the former feature is concerned, are you sure that it was BB's design prior v 5.0 (say, v.3.6)? Since, Android was released in 2008, saying nothing about the start of the project circa 2005, when Google acquired it.

          1. eulampios
            Happy

            Re: @Charles 9

            Okay,I must have gotten it, I misinterpreted the abbrev. "BY", I thought it was BlackberrY. My apologies :)

  3. Pascal Monett Silver badge

    "ASM would let users restrict the app"

    Ah, a dream just might come true.

    One question though : will the user be able to restrict ALL apps, or just the ones Google lets him ?

  4. Andy Mc
    Stop

    This already exists

    It's called XPrivacy and it attaches to an API shim called Xposed that allows plugins to monitor/control what requests go to the OS.

    1. Charles 9

      Re: This already exists

      But Xposed requires rooting. What's needed is a root-free solution and that will probably mean baking it into Android itself, and Google lacks the motivation (remember, their customers are the devs--they're the ones paying to get in the app store and giving Google the cut--not the consumers). Apple can get away with it ONLY because they're still the irresistible lure. And Blackberry is enterprise-oriented which changes the focus points.

      1. Andy Mc

        Re: This already exists

        True, it does require root, but only at the point of inserting the shim - root can be removed immediately afterwards. Similar functionality could easily be baked in, but seeing the mess Google made with AppOps I'd prefer it if they just lifted Xposed/Xprivacy and used that. Anyway, my point being that these researchers have been wasting their time suggesting something that already exists.

        1. Charles 9

          Re: This already exists

          And MY point is that Google lacks the motivation to bake in security. In fact, they're actively DEmotivated. Unless lots of people actively defect to Apple or Blackberry specifically because of security, then the money keeps coming into Google, especially if saps KEEP their phones insecure sources of personal information.

          1. phil dude
            Thumb Up

            Re: This already exists

            I think this sounds about right!

            One of the main reasons I am hoping the Sailfish method of "android in a box" might become more prevalent...

            P.

          2. eulampios

            Re: This already exists

            >>And MY point is that Google lacks the motivation to bake in security.

            What's Google motivation then? I don't think ANY company (even MS) lacks such a motivation. However, motivations and the end result do vary from one company to another.

            >>especially if saps KEEP their phones insecure sources of personal information.

            ???

            Bottom line is to get a device you can root and run either of the following (or all): Cyanogenmod, Replicant, Ubuntu Touch, FirefoxOS, Sailfish or Tizen. This would be the best and most secure option. This completely excludes BB, Apple or Microsoft.

  5. Anonymous Coward
    Anonymous Coward

    Lovely..

    So, the idea to secure Android is to put a layer on top to fix the problems that shouldn't be there in the first place?

    I was wondering why this felt like deja vu, but that is EXACTLY the path Windows too - to get that anywhere near usable ("secure" is IMHO a bit optimistic) you had to install external anti-virus (no, you don't install something from the very people that caused the problem in the first place).

    It's like building a safe house on a foundation of meringue..

    1. eulampios

      @AC, the generality quantifier

      With your assertion, you're getting into an over-generalization problem. Of course, any system has its own shortcomings, those beg to differ though.

      1) having apps run under separate uid's is good, permissions will be allowed to have access to files and directories as well as services they are only allowed to! On Windows, where no secure central repositories/ports are available, not only is it NOT guaranteed, you might have to install an app or two as a root, or it won't work for you properly (occurred in the XP times to many, me included).

      2) making permissions be visible to a user is good, since one can get an idea about either the intent or incompetence (or both) of the app's author and is able to make a decision of installing or not based on that information.

      No, antivirus software != apps permissions, since the former:

      i) is much more complex and error prone (both 1st and 2nd type)

      ii) needs system resources, at times pretty excessive resources (cpu, disk usage and RAM)

      iii) needs to be trusted, otherwise, checked for possible malware or backdoors by itself.

    2. Anonymous Coward
      Anonymous Coward

      Re: Lovely..

      The generally disappointing issue about Android is that it wasn't first to market, so the Good Ideas™ were already out there. I cannot fathom why they didn't adopt some variety of the iOS approach to rights which not only allow for very fine rights control DURING installation, but also allow changes AFTERWARDS.

      It's ridiculous that someone has to retrofit Android with a product to address pretty fundamental deficiencies. Only Google's stance on privacy ("you have none") serves as an explanation.

  6. Anonymoist Cowyard

    Sick and tired

    of all the Android security bullshit. Apple, Microsoft and Security companies have alot to answer for, and are all automatically on my shit-list.

    Here in the real world, despite pretty much everyone I know having an Android phone of varying age, NONE of them have EVER had an virus, malware or anything else nasty happen to them.

    The reason? Apps are sandboxed properly and they only shop in the Google Play store.

    Windows security is 10000% worse and prretty much every PC I see outside of the workplace is flooded with crapware/malware/viruses.

    So i'm going to call those companies that employ FUD tactics against Android to sell something (either a Android "solution" or a competing product), that THEY are the problem. By continuing their FUD, they are trivializing security.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like