
IBM on attacking Android Custom Boot Modes

IBM’s SecurityIntelligence has a story on attacking Android’s Custom Boot Modes.

Android Vulnerabilities: Attacking Nexus 6 and 6P Custom Boot Modes
By Roee Hay
Co-authored by Michael Goberman.

In recent months, the X-Force Application Security Research Team has discovered several previously undisclosed Android vulnerabilities. The November 2016 and January 2017 Android Security Bulletins included patches to one high-severity vulnerability, CVE-2016-8467, in Nexus 6 and 6P. Our new paper, “Attacking Nexus 6 & 6P Custom Bootmodes,” discusses this vulnerability as well as CVE-2016-6678.[…]

https://securityintelligence.com/android-vulnerabilities-attacking-nexus-6-and-6p-custom-boot-modes/


Android Nexus 5 Monitor Mode

Vincent recently tweeted this pointer to a blog from Frédéric Basse, talking about Android Nexus 5’s Monitor Mode:

Analysis of Nexus 5 Monitor mode
This article will first describe how to locate the Monitor mode code in Nexus 5 firmware (hammerhead-ktu84p-factory-35ea0277, bootloader-hammerhead-hhz11k : c32f8bec310c659c1296739b00c6a8ac). Then, we will try to understand what it does (its functionalities). Finally, you will have to find bugs by yourself because I didn’t find any…so far !
[…]

Full article:
http://www.fredericb.info/2014/12/analysis-of-nexus-5-monitor-mode.html?spref=tw


February’s Google Nexus security bulletin is out

The Google Nexus Security team has released their monthly security bulletin.

We have released a security update to Nexus devices through an over-the-air (OTA) update as part of our Android Security Bulletin Monthly Release process. The Nexus firmware images have also been released to the Google Developer site. Builds LMY49G or later and Android M with Security Patch Level of February 1, 2016 or later address these issues. Refer to the Nexus documentation for instructions on how to check the security patch level.
[…]
We would like to thank these researchers for their contributions:
* Android and Chrome Security Team: CVE-2016-0809, CVE-2016-0810
* Broadgate Team: CVE-2016-0801, CVE-2015-0802
* David Riley of the Google Pixel C Team: CVE-2016-0812
* Dongkwan Kim (dkay@kaist.ac.kr) of System Security Lab, KAIST: CVE-2015-6614
* Gengjia Chen (@chengjia4574) of Lab IceSword, Qihoo 360: CVE-2016-0805
* Hongil Kim (hongilk@kaist.ac.kr) of System Security Lab, KAIST: CVE-2015-6614
* Qidan He (@Flanker_hqd) of KeenLab (@keen_lab), Tencent: CVE-2016-0811
* Seven Shen (@lingtongshen) of Trend Micro (www.trendmicro.com): CVE-2016-0803
* Weichao Sun (@sunblate) of Alibaba Inc: CVE-2016-0808
* Zach Riggle (@ebeip90) of the Android Security Team: CVE-2016-0807
[…]

See the full bulletin for specifics on each of the CVEs:

https://source.android.com/security/bulletin/2016-02-01.html


Google Android Nexus debug cable is open source

Google has specs for the Nexus debug cable:

USB debug cable design documents: Eagle schematics and PCB, gerber files, and BOM for a debug cable for the headset serial port found on most Nexus devices.

https://android.googlesource.com/device/google/debugcable/+/master


Android Nexus security updates for November

Google is continuing its new policy of monthly Android updates for its Nexus line.

CVE-2015-6608, Critical, Remote Code Execution Vulnerabilities in Mediaserver
CVE-2015-6609, Critical, Remote Code Execution Vulnerability in libutils
CVE-2015-6611, High, Information Disclosure Vulnerabilities in Mediaserver
CVE-2015-6610, High, Elevation of Privilege Vulnerability in libstagefright
CVE-2015-6612, High, Elevation of Privilege Vulnerability in libmedia
CVE-2015-6613, High, Elevation of Privilege Vulnerability in Bluetooth
CVE-2015-6614, Moderate, Elevation of Privilege Vulnerability in Telephony

https://groups.google.com/forum/#!msg/android-security-updates/n1aw2MGce4E/jhpVEWDUCAAJ
https://source.android.com/devices/tech/security/enhancements/enhancements60.html

In somewhat-related Android security news, there is a new design-time vulnerability:

http://blog.trendmicro.com/trendlabs-security-intelligence/setting-the-record-straight-on-moplus-sdk-and-the-wormhole-vulnerability/
http://www.itproportal.com/2015/11/03/android-sdk-vulnerability-leaves-100-million-users-at-risk/

Nexus status update

Tom’s Hardware has an article with an interview of a few Nexus engineers, talking about upcoming releases:

Nexus Engineers Reveal More Nexus 5X, Nexus 6P Details
by Lucian Armasu

Four members of the Google Nexus team, including Hiroshi Lockheimer, David Burke, Krishna Kumar and Sandeep Waraich, took the time to answer questions from Nexus 5X and Nexus 6P fans about the two new phones. Here’s a summary of the most important details. […]

http://www.tomshardware.com/news/nexus-5x-nexus-6p-ama,30208.html#xtor=RSS-999


Google revises Nexus update policy

Last week, Adrian Ludwig (Lead Engineer for Android Security) and Venkat Rapaka (Director of Nexus Product Management) posted a blog entry on the Official Android blog, announcing a change to the Nexus update policy:

“Nexus devices have always been among the first Android devices to receive platform and security updates. From this week on, Nexus devices will receive regular OTA updates each month focused on security, in addition to the usual platform updates. The first security update of this kind began rolling out today, Wednesday August 5th, to Nexus 4, Nexus 5, Nexus 6, Nexus 7, Nexus 9, Nexus 10, and Nexus Player. This security update contains fixes for issues in bulletins provided to partners through July 2015, including fixes for the libStageFright issues. At the same time, the fixes will be released to the public via the Android Open Source Project. Nexus devices will continue to receive major updates for at least two years and security patches for the longer of three years from initial availability or 18 months from last sale of the device via the Google Store.”

Nexus aside, I hope other carriers also have clear policies about updates.

Read the full announcement here:
http://officialandroid.blogspot.com/2015/08/an-update-to-nexus-devices.html?m=1
