Android Security Model
In the next few blog posts, I would like to review the Android Security Model as defined in the base OS and highlight some of the issues that I see and that have been exploited in the recent past. Here is a good presentation on the security model.
Issue 1: Permissions Model based on User Acceptance
Whenever an application is installed on Android, it asks the user to accept the permissions that the application needs. In any security model, the weakest link is the only piece that matters, and as you can imagine, the user is the weakest link here. I do not think any user has the knowledge to understand what the permission sets are and whether an application should need those permissions. For example, why would the Facebook application need to access the phone?
So invariably the majority of users end up saying yes. I would not be surprised if the percentage of users who ever declined an install based on permissions is less than 0.1%. This means that a malicious writer can easily pass off an application as a useful one and then ask the user for permission to access the whole world.
Issue 2: User Defined Permissions
Another weakness in Android is user-defined permissions. Imagine a scenario where a malicious application writer writes a very useful application and gets credit card and other sensitive information from the user. As part of this application, the writer can define their own permission set, which can then be exploited by another application that is written later.
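To make Issues 1 and 2 concrete from a reviewer's side, here is an added example (not from the original post) that audits a decoded AndroidManifest.xml: it lists the permissions the install prompt is built from and flags components guarded only by an app-defined permission weaker than `signature`. The package, permission and component names are hypothetical, and the manifest is assumed to be in text XML form with string protection levels.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Constructed sample manifest in decoded XML form; every name is hypothetical.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.wallet">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <permission android:name="com.example.wallet.READ_CARDS"/>
  <permission android:name="com.example.wallet.SYNC"
              android:protectionLevel="signature"/>
  <application>
    <provider android:name=".CardProvider" android:exported="true"
              android:readPermission="com.example.wallet.READ_CARDS"/>
    <service android:name=".SyncService"
             android:permission="com.example.wallet.SYNC"/>
  </application>
</manifest>"""


def audit_manifest(xml_text):
    """Return (requested permissions, findings on app-defined permissions)."""
    root = ET.fromstring(xml_text)
    requested = sorted(e.get(ANDROID_NS + "name")
                       for e in root.iter("uses-permission"))
    # Map each app-defined permission to its base protection level.
    defined = {}
    for p in root.iter("permission"):
        # An omitted protectionLevel defaults to "normal".
        level = p.get(ANDROID_NS + "protectionLevel", "normal")
        defined[p.get(ANDROID_NS + "name")] = level.split("|")[0]
    findings = []
    app = root.find("application")
    for comp in (list(app) if app is not None else []):
        for attr in ("permission", "readPermission", "writePermission"):
            perm = comp.get(ANDROID_NS + attr)
            level = defined.get(perm)
            # Below "signature", apps from other developers can hold the permission.
            if level is not None and not level.lower().startswith("signature"):
                findings.append((comp.get(ANDROID_NS + "name"), perm, level))
    return requested, findings


if __name__ == "__main__":
    requested, findings = audit_manifest(SAMPLE_MANIFEST)
    print("requested:", requested)
    for comp, perm, level in findings:
        print(f"{comp} is guarded only by {perm} (protectionLevel={level})")
```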
Many more issues
Self-signed binaries and many other so-called security models are just waiting to be exploited or have been exploited.