Web Apps vs Compiled Software
In the real world there is always a mix.
* Platform: web apps run on any browser/device; compiled software is built for a specific OS/architecture
* Updates: web apps are updated server-side and instantly; compiled software requires the user to download/install
* Performance: web apps are network-dependent and cross-device; compiled software is faster and works offline
Types of languages
What is compilation?
Process of generating executable code from source code
How does compilation work?
1) Preprocessor handles macros in source code
2) Compiler translates source code into low-level code (assembly code)
3) Assembler translates to machine code
4) Linker combines files into one executable
5) Runs directly on CPU
Buffer Overflow
Vulnerability where a program writes more data to a buffer than its allocated memory can hold, overwriting adjacent memory locations.
Dangers of Buffer Overflow Vulnerability
Allows RCE: attackers can exploit it to execute malicious code, steal data, or gain unauthorized system access.
How is memory managed?
The OS allocates memory to running programs and keeps track of which memory is in use or free, using memory allocation to avoid conflicts.
How does CPU run code?
Repeatedly executes a cycle of fetching an instruction from memory, decoding it, and then executing it.
Jailbreaking
Process of removing software restrictions on iOS devices, granting users “root” access to the OS for full control
Rooting in mobile phones
Gaining superuser (administrator-level) privileges.
Unified Extensible Firmware Interface (UEFI)
Modern firmware replacing BIOS; boots OS faster
Secure Windows Boot
UEFI feature. Checks digital signatures to block unsigned/malicious boot software
DRM
DRM (Digital Rights Management) controls access to copyrighted digital content through encryption and licensing. It protects creators from piracy
Threat Model Underlying AOSP
Network communication is untrusted
Untrusted content is executed/processed on/by the device
Adversaries can get physical access to the Android device
Many stakeholders in ecosystem can act as supply chain attack vectors
How does AOS protect itself in the running-apps phase?
Apps run in isolation with no direct system access.
How does AOS protect itself in the device-booting phase?
Checks OS integrity and uses keys in hardware
AOS Security Hardware: TPMs
Trusted Platform Module. A hardware device that generates and stores cryptographic keys and verifies system integrity. When opened it is destroyed.
Microprocessor's version of TPM
Trusted Execution Environments (TEE)