Thursday 1 October 14:30 - 15:00, Red roomWilliam Lee (Sophos)
Rowland Yu (Sophos) download slides (PDF)SEAndroid and containerization have become buzzwords in the mobile security field over the last year. Both of them supply an isolated working environment for Android devices. Moreover, both have the main goal of trying to minimize the damage that can be caused by malicious applications, intruders, exploits and vulnerabilities.SEAndroid stands for 'Security Enhancements for Android', which defines and enforces a system-wide security policy over all processes, objects and operations. It blocks extra privileges escalated by applications, separates applications from each other and the system, and prevents the bypass of security features. On the other hand, 'containerization' refers to the ability to separate an encrypted zone on a device and manage access to that zone. In other words, it not only secures data on the device, but also controls how applications can access, share and use the data.Android 5.0 is trying to set itself up as a safe corporate mobile operating system by touting SEAndroid and containerization. The enforcement of SEAndroid and containerization have been changing the way OEMS and security vendors respond to security issues. However, this paper will prove that, even with these security enhancements, you can still be infected, still have data stolen, still have corporate data leaked, and experience exploration of kernel vulnerabilities.Click here for more details about the conference.