Google's Android setup process security

Research output: Contribution to conferencePaper

158 Downloads (Pure)

Abstract

Despite considerable research having been carried out into the security of the open-source Android operating system, the vast majority of Android devices run software significantly deviating from the open source core. While many of these changes are introduced by the original equipment manufacturer (OEM), almost every Android device available for sale also features a suite of Google-provided applications and services, which are not part of the Android Open Source Project (AOSP) code. These applications are installed with system-level privileges, and are effectively an extension of the operating system itself. We monitored the process of setting up an Android device, and have identified a number of design weaknesses in the implementation of a number of Google services features which come pre-installed on virtually every Android device on sale today, which could permit skilled and capable attackers to carry out persistent attacks against Android users.
Original languageEnglish
Publication statusPublished - 24 Sep 2014
EventWireless World Research Forum meeting 33 (WWRF33) - University of Surrey, London, United Kingdom
Duration: 24 Sep 201426 Sep 2014

Conference

ConferenceWireless World Research Forum meeting 33 (WWRF33)
CountryUnited Kingdom
CityLondon
Period24/09/1426/09/14

Keywords

  • wireless networks
  • mobile device security
  • mobile operating systems
  • Android Open Source Project (AOSP)

Fingerprint Dive into the research topics of 'Google's Android setup process security'. Together they form a unique fingerprint.

Cite this