The Android Operating System is an open platform based on Linux, integrated into mobile devices, smart watches, tablets and even televisions and cars. The opportunity to create applications across a myriad of devices raises the problem of security, which I believe to be Android’s biggest challenge.
Android maintains application level security by using a full permissions based security mechanism that lets users restrict access to application components. Permissions can prevent malicious applications from corrupting data, gaining access to sensitive information, or making excessive or unauthorized use of hardware resources or external communication channels.
By default no Android application has permissions to perform any operation that would impact the operating system, the users private data or other applications. But without permission to use anything, an Android Application is not a useful application.
The Security issue
Android uses permissions to filter the capabilities of an application and it’s up to the user whether to accept the permissions of an application upon installation. The problem is that users tend to not read permissions and accept them thoughtlessly. This can lead to a range of security issues from private information flowing to the Android operating system and worse, kernel alterations.
In this article I will discuss the Android manifest and permissions. The manifest file contains information on the app package, including permissions, content providers, services, activities and broadcast receivers.
Continue reading %A Developers Guide to Risky Android App Permissions%
by Valdio Veliu via SitePoint
No comments:
Post a Comment