Lesson 6 (Android OS & Software security)

Question 1

When was the first Android phone released?

Answer 1

2008, after a early look release in 2007.

Question 2

When did google acquire the startup company Android Inc?

Answer 2

2005

Question 3

Since when is Android open source?

Answer 3

2008.

Question 4

What are the partitions on an android phone?

Answer 4

/boot (kernel)
/system (pre installed apps)
/recovery (alternative boot)

/data (all user data and apps)
/cache (feq. accessed temp data)
/misc (settings)

/scdard0 (internal SD)

Question 5

What partition is wiped when performing a factory reset?

Answer 5

/data

Question 6

Name the Android OS layers

Answer 6

1 Applications
2 App framework > Managers and providers used when developing/running an app
3 Libraries & runtimes > general helpers that provide access to core libraries and the VM
4 Linux Kernel > drivers

Question 7

What are core apps? (Applications layer)

Answer 7

Default apps on the device, like SMS, contacts, Call app.

Question 8

What does the Application framework layer constist of?

Answer 8

API’s for app developers, like accessing sensors, default activity behaviour and content access on the device etc.

Question 9

What is the Android Library layer?

Answer 9

c/c++ libs used by components of the android framework, like SSL, WebKit, OpenGL, SQLite

Question 10

What is the android runtime layer?

Answer 10

providing realtime access to the core libraries. Possible access to network, files etc.

Question 11

What is the android kernel?

Answer 11

A linux kernel (v 2.6). Provides memory/process managent, networking, drivers and security.

Question 12

What does linux give the apps? (2 things about security)

Answer 12

Group ID at install time
User ID (UID), can be used as process etc. This is used to store data on the /data partition with only that user (app) rights.

Question 13

What is Dalvik?

Answer 13

Java Virtual Machine for Android.

Question 14

What are dex files?

Answer 14

Byte code (from java) which can be ran by Dalvik. .dex === .class for JVM.

Question 15

When can you publish an android app (security resitrictions) ?

Answer 15

Must be signed with a trusted cert, and an valid signature. This can be requested at the dev portal and required at building the .apk for release.

Question 16

How does the signing of an APK work (5) ?

Answer 16

1. The code is hashed and encrypted with a private key of the author
2. The author public key is attached to the code
3. At runtime the mobiel device gets the public key and decrypts the hash (code)
4. Hashes the code back again to compare it
5. Finally the public key is checked with the Trust Authorities cert store.

Question 17

What three directories does the APK contain (security things) ?

Answer 17

META-INF directory. Contains the MANIFEST.MF file, CERT.RSA (certificate of ownership) And CERT.SF file (contains the data to be signed)

Question 18

What are the 5 resources, apart from META-INF, included in an Android APK file?

Answer 18

1 res = resources that couldnt be compiled
2 assets = extra files
3 androidmanifest.xml (projects manifest)
4 classes.dex = All classes compiled
5 resources.arsc = compiled resources in binary format

Question 19

What are application-level interactions?

Answer 19

Interactions on components like: Activities, services, content providers, broadcast receivers.

Question 20

What does an activity do?

Answer 20

Provides user interaction and GUI

Question 21

What does a service do?

Answer 21

provides background processes

Question 22

What does the content provider do?

Answer 22

Provides data storage facilities

Question 23

What does the broadcast receiver do?

Answer 23

Provides the possibility to receive mails or events from the apps or systems.

Question 24

What are the important methods that work with the Activity Lifecycle?

Answer 24

onCreate()
onStart()
onRestart()
onResume()
onPause() -> goes to resume or create
onStop() > goes to restart or create
onDestroy()

Question 25

How does the Linux system start an app?

Answer 25

In one single thread. By default all components of the app run in the main thread. (same process/thread)

Question 26

Does a service run in a different thread?

Answer 26

No, it does not. It can still freeze the UI. It works on the same process as the app in the main thread.

Question 27

How can you use a thread or Runnable?

Answer 27

Creating a new class that extends the Thread or Runnable class (e.g. as myThread). It has to implement the run() method to execute code in the thread. The run() will be automatically called when calling new myThread().start();

Question 28

What is a way to perform an async task, which can directly access UI?

Answer 28

Using the AsyncTask class implementation.

Question 29

What are intents and what forms do you have?

Answer 29

Inter-component signaling. Used for starting activities, sending messages and creating background services. There are explicit intents, specifying the component to start with the classname. Implicit is to just perform an action, without a specific component specified.

Question 30

What are the 3 local storage types?

Answer 30

1. SQLite
2. Content Provider
3. File storage

Question 31

What are content providers?

Answer 31

They are like a database with content where you can perform queries on. However they are also used to retrieve photos/contacts etc.

Question 32

What are broadcast receivers?

Answer 32

Events that you can register on. Notifications at runtime, like battery percentage.

Question 33

How are broadcast receivers used?

Answer 33

By extending the BroadcastReceiver and implementing the onReceive method.

Question 34

What permissions are required for using broadcast receivers?

Answer 34

Putting a tag in the manifest file, with an intent filter, containing an action where you want updates from.

Question 35

How do permissions work?

Answer 35

Permissions are all declared in the manifest. Its an all or nothing model. This is to inform the user and to restrict application access.

Question 36

How does cross site scripting work? (XSS)

Answer 36

When code is injected in an web app that contains executable code, like javascript code in a regular input field.

Question 37

Which two kinds of XSS are there?

Answer 37

Non persistance: Visit a malicious webpage.

Persistance: Often included or stored in forum posts

Question 38

What is SQL injection?

Answer 38

Parts of SQL queries that are stored as input parameters. Same like XSS but then as SQL.

Question 39

What is Phising?

Answer 39

For examples websites or emails that seem real but are fake websites requesting your personal/login information