Friday, October 17, 2014

Found the main “hole” in security Android –

Unified Communications System Binder is the primary goal for any malicious software (software), developed for the system Android. This is stated in the company Check Point Software Technologies.

Binder mechanism built into the communications system Android Inter-process Communication (IPC). The company studied the architecture of the Android operating system and has identified the possibility of theft of information that is stored or is in the process of transmission through the mechanism of message processing Binder.

In the standard operating systems processes are working with dozens of elements of the system hardware: hard drive, display adapter , network card, etc. However, due to the specific architecture of the Android OS that a process can perform the same tasks, controlling all applications to interact via the Binder. Thus, through the Binder can be intercepted by such important data as a result of keyboard input information of applications, such as banking transactions, and the contents of SMS-messages.

According to Anton Razumov, head of a group of consultants Safety Check Point Software Technologies, a survey showed a weak link in the IPC devices on Android, which makes Binder new target mobile malware attacks.

«The most important advantage for attackers Binder is a lack of awareness on what data is sent through IPC. Without an appropriate system of layered defense cybercriminals can intercept communications on your Android device via Binder, bypassing all the security measures implemented by individual applications on the device, “- said Razumov.


No comments:

Post a Comment