Lesson 6 (Android OS & Software security) Flashcards
When was the first Android phone released?
2008, after an early look release in 2007.
When did Google acquire the startup company Android Inc.?
2005
Since when is Android open source?
2008.
What are the partitions on an Android phone?
/boot (kernel)
/system (pre-installed apps)
/recovery (alternative boot)
/data (all user data and apps)
/cache (freq. accessed temp data)
/misc (settings)
/sdcard0 (internal SD)
What partition is wiped when performing a factory reset?
/data
Name the Android OS layers
1 Applications
2 App framework > Managers and providers used when developing/running an app
3 Libraries & runtimes > general helpers that provide access to core libraries and the VM
4 Linux Kernel > drivers
What are core apps? (Applications layer)
Default apps on the device, like SMS, contacts, Call app.
What does the Application framework layer consist of?
APIs for app developers, like accessing sensors, default activity behaviour and content access on the device, etc.
What is the Android Library layer?
C/C++ libs used by components of the Android framework, like SSL, WebKit, OpenGL, SQLite
What is the Android runtime layer?
Provides real-time access to the core libraries. Possible access to network, files etc.
What is the Android kernel?
A Linux kernel (v 2.6). Provides memory/process management, networking, drivers and security.
What does Linux give the apps? (2 things about security)
Group ID at install time, User ID (UID), can be used as process etc. This is used to store data on the /data partition with only that user's (app's) rights.
What is Dalvik?
Java Virtual Machine for Android.
What are dex files?
Byte code (from Java) which can be run by Dalvik. .dex === .class for JVM.
When can you publish an Android app (security restrictions)?
Must be signed with a trusted cert, and a valid signature. This can be requested at the dev portal and is required when building the .apk for release.
How does the signing of an APK work (5)?
- The code is hashed and encrypted with a private key of the author
- The author public key is attached to the code
- At runtime the mobile device gets the public key and decrypts the hash (code)
- Hashes the code back again to compare it
- Finally the public key is checked with the Trust Authorities cert store.
What three directories does the APK contain (security things)?
META-INF directory. Contains the MANIFEST.MF file, CERT.RSA (certificate of ownership) and the CERT.SF file (contains the data to be signed)
What are the 5 resources, apart from META-INF, included in an Android APK file?
1 res = resources that couldn't be compiled
2 assets = extra files
3 AndroidManifest.xml (project's manifest)
4 classes.dex = All classes compiled
5 resources.arsc = compiled resources in binary format
What are application-level interactions?
Interactions on components like: Activities, services, content providers, broadcast receivers.
What does an activity do?
Provides user interaction and GUI
What does a service do?
Provides background processes
What does the content provider do?
Provides data storage facilities
What does the broadcast receiver do?
Provides the possibility to receive mails or events from the apps or systems.
What are the important methods that work with the Activity Lifecycle?
- onCreate()
- onStart()
- onRestart()
- onResume()
- onPause() -> goes to resume or create
- onStop() -> goes to restart or create
- onDestroy()
How does the Linux system start an app?
In one single thread. By default all components of the app run in the main thread. (same process/thread)
Does a service run in a different thread?
No, it does not. It can still freeze the UI. It works on the same process as the app in the main thread.
How can you use a thread or Runnable?
Creating a new class that extends the Thread or Runnable class (e.g. as myThread). It has to implement the run() method to execute code in the thread. The run() will be automatically called when calling new myThread().start();
What is a way to perform an async task, which can directly access UI?
Using the AsyncTask class implementation.
What are intents and what forms do you have?
Inter-component signaling. Used for starting activities, sending messages and creating background services. There are explicit intents, specifying the component to start with the classname. Implicit is to just perform an action, without a specific component specified.
What are the 3 local storage types?
- SQLite
- Content Provider
- File storage
What are content providers?
They are like a database with content on which you can perform queries. However, they are also used to retrieve photos/contacts etc.
What are broadcast receivers?
Events that you can register on. Notifications at runtime, like battery percentage.
How are broadcast receivers used?
By extending the BroadcastReceiver and implementing the onReceive method.
What permissions are required for using broadcast receivers?
Putting a tag in the manifest file, with an intent filter, containing an action where you want updates from.
How do permissions work?
Permissions are all declared in the manifest. It's an all-or-nothing model. This is to inform the user and to restrict application access.
How does cross site scripting work? (XSS)
When code is injected in a web app that contains executable code, like JavaScript code in a regular input field.
Which two kinds of XSS are there?
Non-persistent: Visit a malicious webpage.
Persistent: Often included or stored in forum posts
What is SQL injection?
Parts of SQL queries that are stored as input parameters. Same as XSS, but with SQL.
What is Phishing?
For example, websites or emails that seem real but are fake websites requesting your personal/login information