I've seen a couple threads popping up today about Android security and people claiming that just because the platform is open and anyone can put apps on the marketplace this automatically makes the Android platform not secure. Before everyone throws their $0.02 in about how Android will handle security I think it will be beneficial to read the following (sorry if anyone has already posted this, I didn't see it in the previous threads):
Security Architecture:
A central design point of the Android security architecture is that no application, by default, has permission to perform any operations that would adversely impact other applications, the operating system, or the user. This includes reading or writing the user's private data (such as contacts or e-mails), reading or writing another application's files, performing network access, keeping the device awake, etc.
An application's process is a secure sandbox. It can't disrupt other applications, except by explicitly declaring the permissions it needs for additional capabilities not provided by the basic sandbox. These permissions it requests can be handled by the operating system in various ways, typically by automatically allowing or disallowing based on certificates or by prompting the user. The permissions required by an application are declared statically in that application, so they can be known up-front at install time and will not change after that.
Basically saying a program is only allowed to screw up one and only one program, itself.
Application Signing:
All Android applications (.apk files) must be signed with a certificate whose private key is held by their developer. This certificate identifies the author of the application. The certificate does not need to be signed by a certificate authority: it is perfectly allowable, and typical, for Android applications to use self-signed certificates. The certificate is used only to establish trust relationships between applications, not for wholesale control over whether an application can be installed. The most significant ways that signatures impact security are by determining who can access signature-based permissions and who can share user IDs.
Saying someone should not be able to place an app or update in the market and claim it as being from the developer if it is not properly signed.
There are more details regarding permissions here: http://code.google.com/android/devel/security.html
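The install-time decision described in the quoted documentation (static permission requests, resolved by certificate match or by prompting the user), as an added example that is not part of the original post or of Android's own code. It is a simplified model: the package names, manifests and certificate bytes are constructed, and only the `normal`, `dangerous` and `signature` protection levels are handled.

```python
import hashlib
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
NS = 'xmlns:android="http://schemas.android.com/apk/res/android"'

# Constructed manifests for two hypothetical apps (not real packages).
PROVIDER = f"""<manifest {NS} package="com.example.vault">
  <permission android:name="com.example.vault.READ"
              android:protectionLevel="signature"/>
</manifest>"""
CLIENT = f"""<manifest {NS} package="com.example.client">
  <uses-permission android:name="com.example.vault.READ"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.VIBRATE"/>
  <uses-permission android:name="com.example.missing.PERM"/>
</manifest>"""

# Protection levels of the two platform permissions requested above.
PLATFORM = {"android.permission.READ_CONTACTS": ("dangerous", None),
            "android.permission.VIBRATE": ("normal", None)}

def cert_id(cert_bytes):
    """Identify a signer by the SHA-256 of its (self-signed) certificate."""
    return hashlib.sha256(cert_bytes).hexdigest()

def declared(manifest_xml, signer):
    """Permissions an app defines, tagged with the certificate that signed it."""
    root = ET.fromstring(manifest_xml)
    return {p.get(ANDROID + "name"):
            (p.get(ANDROID + "protectionLevel", "normal"), signer)
            for p in root.iter("permission")}

def decide(manifest_xml, signer, known):
    """Map each statically requested permission to grant / prompt / deny."""
    result = {}
    for use in ET.fromstring(manifest_xml).iter("uses-permission"):
        name = use.get(ANDROID + "name")
        level, owner = known.get(name, (None, None))
        if level == "normal":
            result[name] = "grant"
        elif level == "dangerous":
            result[name] = "prompt"
        elif level == "signature" and signer == owner:
            result[name] = "grant"      # same certificate as the declaring app
        else:
            result[name] = "deny"       # undefined, or signature mismatch
    return result
```

Calling `decide` for the client with the provider's certificate and again with a different one shows that only the signature-level permission changes outcome.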
Pretty interesting, however I still see some holes in the wall. It's comforting to read nonetheless.
No, I've played quite a bit with the SDK, just don't have enough programming knowledge to get my ideas up on their feet...
The Linux foundation stack itself is quite secure, and looking at the architecture there won't be too many problems... once again, look at Windows and see how easy it is to permanently disable your computer for the laymen... enough is said with that in itself
Buy the rumor, Sell the news.