Dan Rosenberg's Presentation On Android Modding For The Security Practitioner Is A Must-Read

While not everyone who owns an Android device roots, the Android modding community is at the very heart of everything we love about our little green buddy. Security researcher Dan Rosenberg recently gave a presentation in which he elaborates on root and modding methods and expounds on the security implications of modding Android phones.

Rosenberg also had quite a lot to say about how carriers influence the Android landscape. Said Rosenberg:

"Of the 10 vulnerabilities that I discovered and used for rooting on Android, 9 of them are related to 'stupid' file permissioning not present in the stock Android code, but introduced by the manufacturers."

This won't come as any surprise to anyone who's not fond of carrier skins. It does raise many interesting questions, though. If most root exploits come from carrier skins, and one of the biggest reasons to root is to install custom ROMs, which are frequently based on stock, is it even worth it to carriers to try to prevent users from switching ROMs? We're told that carriers prevent rooting via methods like locked bootloaders to make phones more secure, yet a large number of root vulnerabilities are being found in carrier code.

He went on to explain that relatively harmless root vulnerabilities are patched much more quickly than real security bugs. This only furthers the idea that custom skins are hurting consumers at least as much as helping them, if not more. One can hope that carriers might consider a less invasive approach to adding their own branding and value to handsets, similar to how Google uncoupled many of its stock apps from the OS so they can be updated independently.

Hey, a guy can dream, can't he?

Source: SecureList (Slides) Via: AndroidPolice