Android Security
Android is one of the most successful smartphone operating systems.
It is fast and due to its adaptability it has become the number one smartphone and tablet platform in the world today. Despite being primarily designed for phones and tablets, you can find it on many devices from televisions to digital cameras, game consoles and media PCs.
In late 2012, approximately 700,000 apps were available for Android and the estimated number of applications downloaded from Google Play, Android's primary app store, was 25 billion. A developer survey conducted in April–May 2013 found that Android is the most popular platform for developers, used by 71% of the mobile developer population.
Topic: Android Security
This fast-paced process causes difficulties, as many different versions of Android coexist on an even wider range of devices and the carriers are often too slow deploying updates.
This means unavoidable security concerns and android security seems to have become an issue on everyones mind. Reports of malware and virus threat on Android are rising and high profile applications are becoming common targets for malware developers.
Despite several security firms are releasing anti-virus software, this software is rather ineffective, as the Android security model does not provide applications the ability to scan the deeper system for threats.
In addition, poorly designed applications can allow the misuse of their own features or stored data. Poor or non-existent encryption, unnecessary permissions and globally exported components are only some of the faults found in applications today.
What we can do for you
-
Source code auditing
(ensure proper programming methods, advise on security issues) -
Application security analysis and testing
(white and black box testing of existing applications) - Forensics
- Application reversing and analysis
- Malware analysis
Publications by the curesec GmbH on Android Security
10.09.2013 Curesec publishes the article Exfiltrate Data using the old ping utility trick on curesec.com/blog/.
24.07.2013 Curesec publishes a bug that can be used to get payment information for Google Wallet and Paypal by abusing the popular application Whatsapp in July 2013 on curesec.com/blog/.
