Please I need a tutorial or documentation on the safety aspects Android
Thank you.
if you will define safety, we can help than ...
I want to develop an application that addresses a vulnerability or security problem and I need a tutorial or documentation that will help me.
thanks.
If you want to fix a vulnerability you'll probably have to find one first. Any vulnerabilities that are known well enough to find on the internet are probably already patched.
most likely this will be useless and pointless.
on commercial phones you can't modify any vital part of the OS, you can't even load a module to provide drivers for a specific device, you can't do nothing for the core features of the OS.
if you will discover a bug, the best thing you can do is to publish an article on your blog to gain some view and visibility in the developer community.
Thank you everyone.
Related
Hi, I am a student studying software engineering and this is my 3rd year and i am required to find a topic/subject for the undergraduate project to propose for lecturer. later it will be developed for real but i need to do the presentation first to obtain the lecturer's interest.
so anyone have any idea for apps or systems in mind that involving of using Android device? most students are doing web development or robotic kind of topic, but i wanted to do something for Android. the system must not be too simple, but also not too complicated for me to develop in the future but have a powerful output/results which help people doing things/works in everyday life.
and also some lecturers requires it to have Artificical Intelligence feature/type in a system.
and if you do know while suggesting, please do include what coding/programming language and what other knowledge(graphics/physics/etc) would be used in those systems.
I'm using SGS2, and prefer to make it working for hdpi device first cuz i can test it
Thanks!
Wanted to start a thread on this subject as I have yet to see anything regarding AfW anywhere in these threads.
Does anyone have any information on how the o/s will handle securely wrapping applications and how the o/s creates a second partition/perimeter that is secured from the personal side?
Google Android For Work if you haven't heard about it.
I'm wondering if a rooted device would be able to trick the MDM protected work perimeter to think it has a secure bootrom, recovery partition and valid o/s?
Anyone have a picture of what the filesystem difference looks like?
There's such little information on this, yet it was released with 5.0 lollipop and I'm sure if we reverse engineer the way it functions we could create our own pki enabled MDM open source solution. This would allow end users to freely use there phone without the fear of being snooped on by viruses, corporations for marketing purposes, etc. Overall an open source Mobile Iron solution is what I'm getting to.
Let me know what you guys think.
I'm a major in network security at the moment, and as I've been studying ROM development and the ways that OTAs work, I've come across a method of forcing an OTA that I don't believe I've heard done before. That is, spoofing a web location on a network, and placing a system image in the location. This can be achieved using a typical man-in-middle exploit(of course legally, and under a controlled/private environment).
What I'm curious to however is whether or not Android does a more extensive location check; e.g. if Android checks for SSL/Verification on the location before initiating a download? Would this only work with a system OTA image? What are possible system implications that could prevent this from being achieved?
Thanks in advanced for any answers you may have. I'll be posting further papers and research if I find definitive answers and methods.
Reserved.
Bump reason: I'd really like to know the answer. I haven't been able to find anything conclusive.
You are better off looking in the dedicated security section.
zelendel said:
You are better off looking in the dedicated security section.
Click to expand...
Click to collapse
Sorry, I hadn't realised that this would fit in their. Would it be possible to move it there by any chance?
have you found a way to bypass the need to sign with google's or the oem's keys?
I have seen that in official Lg website many details about module development aren't provided unless join some kind of partnership with Lg.
I'm an engineer and would like to develop myself during my free time some modules for personal use (eg a real powerful lamp flash module like in standalone camera devices and many others ideas that can extend capabilities of device).
This is pertaining to a serious ongoing security issue. Yesterday, while performing my Daily Hard Factory Reset on my Windows 10 Laptop due to continuous unauthorized modifications to PC,including Driver changes, warnings of 3rd party traffic monitoring, frequent service failure,, visual changes to applications GUI without Authorized warning or consent to upgrade said program,applications,services, etc.. More detailed information available in needed. I used a PC for explanation because my Note 20 and several past Android devices mirror above issues. My question is finally: Can a legitimately acquired Development Code Signing Certificate (SSL,Digicert etc) be used in a malicious way to trick OS, Device, End User and Security Software into allowing very dangerous changes? These ATTACKS seem to allow System Compromise to basically be totally Invisible to device and user owner. I believe this tactic if in anyway plausible is being used to cause devastating damage financially, emotionally and all the above. I need to prevent and deture future issues.
Is there a reason you posted this general question in samsubg n20 development thread? also, title is misleading as it looks like u are offering or educating how to sign apps with a signing ceetificate but ur post is more so asking if hacking is possible on android which of course there is, its an electronic device that connects to the internet, there will always be crazy ppl out there exploiting stuff