Please log in to watch this conference skillscast.
The need for root exploits to gain full control of Android systems gives attackers easy to use tools which can be included in malware – you could pack an existing exploit into an app in as few as three hours!
To harden Android devices for enterprise usage, zertisa is developing a multi-boot Android system based on Linux containers. By design, this abstraction layer does not offer more security – exploits that run in one container can easily infect the host system, and breaking out of the container is only a matter of mounting the right partition. So, how do you solve this problem?
To securely use such a system, Janosch Maier will propose the following:
Each container uses its own kernel to prevent the spreading of root-kits between containers
The containers use SEAndroid policies to complicate the use of root-exploits to break out
Each container is encrypted to complicate physical attacks
The use of SEAndroid promises the best increase of security. Though such measures are essential to prevent container break-outs, their use is not limited to dual boot solutions, and luckily are by now merged into the Android AOSP.
Find out how to apply these methods and fully protect your app - watch this video from Droidcon London now!
YOU MAY ALSO LIKE:
Hardening Android Dual Boot for Enterprise Usage
Janosch Maier works at zertisa, creating a secure Multi Boot system for Android.
Robert Konopka provides Android customizations and ROM-management solutions to OEMs and ODMs at CERN.