Safety can be saved BlackHat special |Android system? China hackers resorted to artifact

Android Chinese hackers security Black

leifengwang· 2016-08-04 16:53:30

Style= line-height: "

Android system is safe.


above is the biggest joke of hackers in the eyes. />


exaggeration to say that even a script boy can easily find a system on the Internet into the program, break your phone line of defense. The reason for this result, and not as Google in the system security, but most of the present in the human Android mobile phone, most of the lost lamb". Due to the fragmentation of the system, the mobile phone manufacturers to update the process cumbersome, could not find the door can only upgrade, such as a full of wolves wandering souls wandering in the wilderness.


Baidu security chief scientist Wei Tao called" ecological vulnerability "and" Android system of leukemia".


incredible, on top hackers gathered in the event of BlackHat USA, the hacker for three consecutive years go hither and thither to call for Android system security. Just today, he once again boarded the top stage of the global hacker. This time, he resorted to a "artifact". />


[Baidu chief security expert X-Lab


| Android system of leukaemia?


Lei Feng:


our Android mobile phone how unsafe?


BlackHat USA in the previous year, many methods of my speech is directed to attack the Android mobile phone, we live demonstration the remote sensing Android attack mobile phone site and upload video. Here are a few small examples, such as the Android 5.X before, there is a serious loophole, any App can have read mobile phone SMS permissions; similarly, all App can also get users on the contents of the clipboard. Of course, these are just a small part. A large number of basic vulnerabilities have not been repaired, and running on the user's mobile phone, most of them are such a system.


Lei Feng:



is not so. In simple terms: users do not Root phone, the attacker will help you Root. For the vast majority of mobile phones are being used, the underground black production spread mature Root technology. Even in the case of the user is not fully aware of the silence to get the user's Root permissions. For example, to induce users to download a game, just by flashing a Banner way, you can execute the attack code. />

this kind of ignorance of the Root, even more than the user own Root also terrible. hackers can get the highest authority in the background, to steal the user's bank account password. There's even a spy ring on the employee's mobile phone, stealing business conference recordings from the phone. These things I'm talking about are not hypothetical, but real.


Lei Feng:


so around the Android mobile phone, whether a black industry has formed?


is not a lot, but a black cross industry inside. The detailed division of black production has exceeded the imagination, each subdivision industry output value in the hundreds of millions to billions. It can be said that Android's current situation for them is paradise, after a long wait, now they (black production) has been able to start harvesting.


[Wei Tao (left) and team member Zhang Yulong staged in the BlackHat


Lei Feng:


Android system is the reason causing Its loopholes appeared one after another. what?



: from Google to the user, through Android system, mobile phone manufacturers, operators and application developers application development tools, producers and so on, these links, once a problem, it will cause the whole system safety.


: according to our statistics, the first half of this year, different manufacturers, different mobile phone hardware collocation system different versions of the Andorid, the fragments reach hundreds of thousands, even a lot of mobile phone design team has been dissolved, may not provide technical support for each type. So there is no way to put a patch on different devices.


security vendors no position" font-size: 14px; color: RGB (136, 136, 136); ">: Google is clearly not welcome security vendors to enter the Android system kernel. All applications with Root properties are not allowed on the shelves. Security vendors were seriously hit, while Google has no ability to protect their own system kernel, which caused the current Android system security vacuum. To spread many loopholes in the industry, from their own interests, no one will report to Google, the so-called "white Root, black black production".


|


artifact save Android" font-size: 15px; color: RGB (63, 63, 63); "> Lei Feng:


so you BlackHat resorted to the artifact is what?


we developed a tool called AdaptKPatch, specifically into the patch for the system kernel. The advantage of this tool is that it can be implemented on different mobile phone adaptive patch. Through our own grasp of the hundreds of mobile phone testing, we can automatically patch the system. Throughout the patch in the process, the system does not even need to restart, or even without Caton. Hot patch technology, we call it.


[BlackHat site, Baidu X-Lab to display the" heat kernel patch "


Lei Feng:


Hot patch technology is how to achieve it?


kernel information and the mobile phone hardware engine will collect user information, then according to the key parameters have security options to give the template, these" adaptive "in the mobile phone can automatically complete the above.


second style=" font-size: 15px; engine will generate a good patch into the kernel. If we have cooperation with manufacturers, you can repair; if there is no cooperation, you can also use Root technology to patch. />

third step style=


Lei Feng:


this kernel hot patch for all Android models are common?


we are on the side of the hundreds of mobile phone has been tested, can be a good patch. However, our mobile phone is only a small part of the market. Do not rule out some special examples, for example: some vendors provide their own special security mechanisms. Also some of the collection of CPU itself exists bug, although this type of mobile phone ratio is very small. But we have six hundred million or seven hundred million users, even 1% of the phone has a problem, still a large amount. So let Android system become this thing is not a person can do. We need mobile phone manufacturers, security vendors, Google, Qualcomm and we cooperate.


Lei Feng:


on the system kernel patch, the theory is likely to form new attack surfaces, Google how to trust Baidu?


it is for this reason that we are today in the world's first launched another hot patch engine LuaKpatch. Lua is a very small script language, its code is very simple, can achieve the function is limited. But it has the advantage that Google or mobile phone manufacturers can simply audit the security of the code. However, its disadvantage is that some patches can not be repaired by the Lua language, but also the use of AdaptKpatch. These two engines need to be used in order to complete the system kernel patch.


Lei Feng:


AdaptKpatch engine will appear the fragmentation problem?



| />

BlackHat in the scene, Wei Tao and his colleagues demonstrated this tool to the world.


according to the site of the demo video, the original can be Root Root mobile phone, after AdaptKPatch and LuaKPatch patch, completely unable to Root. Moreover, the kernel in the process of upgrading, mobile phone does not restart, even no Caton, completely normal use.


BlackHat has been used as security technology development trend of the benchmark, from this point of view, Android system is suffering from" immune disease "of torture, may under the China hacking efforts, out of the quagmire. />

Lei Feng network (leiphone-sz)

The lastest articles of leifengwang

5G stronger than 4G? After reading you will understand

Pangu jailbreak the hammer mobile phone Bootloader.

Pangu jailbreak the hammer mobile phone Bootloader.

Microsoft push Win10 Cloud, against Google Chrome OS

Which Chinese brands are really famous overseas?

The biggest challenge for automatic driving is that it......

I can get the money in five? Alipay official reply

Prophecy come true: terrorists with a large drone bombs

Prophecy come true: terrorists with a large drone bombs

Seagate factory is just a microcosm