Operating Systems of Mobile Devices (OSMZ)

Week VIII. (29.3.-2.4.2021)

Due to the dominant role of Android in the current mobile device market, we will focus on it later this week. Let's see how Android works from the perspective of the system itself. This is because many operating system functions are hidden or inaccessible to the average user. To gain access to all resources, you need to gain superuser, root, as is the case with other Unix systems. However, this user is blocked in phones by default (in the emulator environment the situation is simpler, you can easily get root rights there).

"Rooting" Android is a process that allows users of phones, tablets and other devices with the Android operating system to switch to the so-called privileged mode (from Linux "root access"). Rooting is done to overcome the limitations of Android mobile device manufacturers. This allows you to change or replace system applications and settings, run specialized applications that require administrator privileges, or perform other operations that are inaccessible to the average user. Rooting also makes it easy to modify or completely replace an existing OS - usually with a newer version. You can obtain Root rights by using one of the system's security holes (as was the case with the RageAgainstTheCage exploit, or by modifying the phone's file system. The second approach is represented by the Magisk application.

Magisk is one of the popular root systems. This basically means that you can customize the phone system through it without making any changes to the base code. Magisk has been under development since 2016 and has very good community support. This is an open-source project, so users don't have to worry about introducing malicious code, as is often the case with closed applications from suspicious sources. The Magisk repository is maintained on Github and has excellent support on the XDA forum.

Once you have root privileges, you have unlimited power over the system and can perform the actions described in the following texts. These permissions are also required for in-depth analysis and debugging, eg through the LiME kernel module. It is often used in combination with the Autopsy application for forensic analysis of the examined phones. Both are also open-source applications.

PRESENTATION

LITERATURE

Browse the book Android Internals: A Confectioner's Cookbook and focus on the chapters

  • II: Android Partitions and Filesystems (str. 27 - 58)
  • III: Android Boot, Backup & Recovery (str. 61 - 95)
  • VII: Android Through a Linux Lens (str. 179 – 205)

ADDITIONAL READINGS

Video Android Internals for Developers,
Short presentation with an example of Autopsy options,
Book Karim Yaghmour, Embedded Android (2013).

QUESTIONS

After reading the above texts, you should be able to answer following questions from the topics for the exam, specifically:

  • Briefly describe the Android platform, basic structure and virtual machine.
  • Describe the application security mechanisms and their dependency on OS services.
  • Describe how user data is secured across applications.