added cc On May 6, 2011 7:10 PM, "t0hitsugu" <[email protected]> wrote: > Well for rooted phones you can usually find the original image and flash it > yourself, although this in itself could be modified and packed with > malicious code and in any case isnt what youre looking for. > > Problem is, android most likely will never have this ability itself as it > involves proprietary firmware and drivers. > > I for one dislike the idea of the 'kill-switch' and wonder how long it will > be before somebody learns to mimic the process > On Mar 2, 2011 8:16 AM, "Earlence" <[email protected]> wrote: >> Yup, this is below Android and is vendor specific. >> One way could be to leverage the TrustZone features of ARM processors >> such that in the secure world, a copy of recovery data is kept. This >> data is flashed at install time and only a "key" from the vendor will >> allow someone to access the contents of this memory. >> The user installs an app (that is provided by the vendor on a request >> basis) that can communicate with this part of memory and restore the >> system partition. >> >> Cheers, >> Earlence >> >> On Mar 2, 4:47 pm, Jean-Baptiste Queru <[email protected]> wrote: >>> This is at a level below Android, since anything that Android could do >>> to keep a backup copy (or something similar) could be compromised in a >>> similar fashion. The mechanisms involved, if they exist, vary from >>> manufacturer to manufacturer and even from device to device. >>> >>> JBQ >>> >>> >>> >>> On Wed, Mar 2, 2011 at 7:37 AM, William Enck <[email protected]> wrote: >>> > In the wake of all the news regarding the malware in the Android > Market, it occurred to me that there isn't a good way to *completely* > restore a phone to factory defaults. >>> >>> > First off, great job to Google for removing the malicious apps quickly. > The so called "kill switches" in the Android Market and App Store are great > features for handling exactly this, and obviate a lot of need for antivirus > software. >>> >>> > At the end of the CNN article that was slashdotted ( > http://www.cnn.com/2011/TECH/mobile/03/02/google.malware.andriod/), the > author states: >>> >>> > "If you've downloaded one of these apps, it might be best to take your > device to your carrier and exchange it for a new one, since you can't be > sure that your device and user information is truly secure." >>> >>> > If my understanding of this malware is correct, it contains an exploit > for a kernel privilege escalation vulnerability. Sans all the discussion on > this mailing list regarding forcing OEMs to push security updates, there is > still the possibility of a zero-day kernel exploit. >>> >>> > Which leads me to the premise of this email: Android lets me wipe all > user data, i.e., "restore to factory settings", via the user interface (or > by rebooting to recovery mode), but how do I restore the "system" partition? >>> >>> > Currently, the Google OTA's are frequently patches (which is great to > save bandwidth). However, these links are only public once someone (e.g., on > XDA) discovers and posts them. If my understanding of this is correct, there > are also "full" OTA images out there. >>> >>> > I'm not sure of the best way to achieve this goal, but it would be > beneficial for a user to restore the system partition to a known state as > well, without the need to take the phone to a cell provider store. (I recall > the T-Mobile G2 having an anti-jailbreak mechanism that would potentially > accomplish at least part of this). >>> >>> > Thoughts? There are some interesting trade-offs when defining the > threat model for a solution (e.g., do we trust the recovery image hasn't > been modified). >>> >>> > Thanks, >>> > -Will >>> >>> > -- >>> > William Enck >>> > PhD Researcher >>> > Department of Computer Science and Engineering >>> > The Pennsylvania State University >>> > [email protected] >>> >>> > -- >>> > You received this message because you are subscribed to the Google > Groups "Android Security Discussions" group. >>> > To post to this group, send email to > [email protected]. >>> > To unsubscribe from this group, send email to > [email protected]. >>> > For more options, visit this group athttp:// > groups.google.com/group/android-security-discuss?hl=en. >>> >>> -- >>> Jean-Baptiste M. "JBQ" Queru >>> Software Engineer, Android Open-Source Project, Google. >>> >>> Questions sent directly to me that have no reason for being private >>> will likely get ignored or forwarded to a public forum with no further >>> warning. >> >> -- >> You received this message because you are subscribed to the Google Groups > "Android Security Discussions" group. >> To post to this group, send email to > [email protected]. >> To unsubscribe from this group, send email to > [email protected]. >> For more options, visit this group at > http://groups.google.com/group/android-security-discuss?hl=en. >>
-- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
