Tuesday, June 23, 2015

Gmail finally lets you 'Undo Send' emails

When it launched in 2009, Undo Send would delay sending your emails for five seconds, but it now lets users choose if they want to hold their mail for 5, 10, 20 or 30 seconds.
Google Labs is a collection of Gmail features that allows users to opt in to public betas for services that aren't quite yet ready for prime time. Undo Send was one of the most popular of the Labs features.
However, Undo Send is not currently available on mobile, so you're out of luck if you want to retract an email you sent via your phone. But there's good news: Google said it will roll out the feature to mobile in the future but didn't elaborate on the timeline.

Monday, June 1, 2015

Windows 10 Will Be Available July 29



Update for Windows 10: Microsoft has officially announced it will be releasing Windows 10 worldwide on June 29 as a free upgrade for users of Windows 7, 8 and 8.1. Beginning July 29th, 2015, Windows 10 will be available in 190 markets globally as a free upgrade to customers running on Windows 7 and Windows 8.1. Built with help from more than four million people around the world, Windows 10 start of a new era of personal technology, designed to empower people to do great things," said the company in a statement.



What else do you get? Well, I’m glad you asked. Here's a quick look at the highlights:
  • Microsoft Edge: The successor to Internet Explorer, designed around minimalism and collaboration tools, plus Cortana integration.
  • Word, Excel and PowerPoint built in.
  • Xbox Live and Xbox app for doing things like recording gameplay, interacting with your Xbox friends and also streaming Xbox games to the desktop.
  • Windows Continuum, which lets you smoothly jump between multiple Windows 10 devices, and which lets you use your phones like a PC with external input accessories.
  • Windows Hello, a new login method that uses face, iris or fingerprint recognition to log you in without a password, depending on hardware support.
Microsoft is doing everything it can to make the transition smooth, like ensuring it’ll work with your existing applications. Windows 8 was sort of an awkward generation, so here’s hoping the skipped numeral results in something that suits everyone’s needs.

Tuesday, February 17, 2015

Lost your SmartPhone? You Can Still Retrieve its IMEI Number

Your mobile phone has a globally unique number associated with it, called the IMEI number, that uniquely identifies your device within the mobile network. If your phone gets lost or is stolen, you would need to provide this IMEI number to the law enforcement agencies and the telecom operator for them to blacklist your device and prevent anyone else from using your phone on their wireless network.

As you probably know, it is relatively easy to find the IMEI number of your smart phone. While there are apps that will help you retrieve this number with a tap, you don’t really need one. Just open the phone dialer, call *#06# and the IMEI number will be displayed on the phone’s screen. Alternatively, you can open device Settings – About Phone – Status and long-press the IMEI number to copy it to the clipboard.
If you have however lost your phone but did not record the IMEI number beforehand, you can still retrieve the number from your Google Account.

Just go to google.com/settings, sign in with your Google account and expand the Android tab. Here you will see a list of all Android devices that are connected to your Google Account, and it will list the IMEI number of your phone as well.
In the case of iPhone, the IMEI number is printed on the box itself. And if nothing works, trace the phone’s receipt – the vendor may have written the IMEI number of the phone on it at the time of sale.

Sunday, December 28, 2014

WhatsApp Tricks for iPhone, Android, BlackBerry & Windows

Use WhatsApp Without Your Mobile Number

Almost every smartphone user today is on Whatsapp. Installing and using it is a pretty standard procedure but ever thought how it could be to use Whatsapp without your number? The very essence of using Whatsapp is the integration with your phone number but there’s a way around it as well. If you follow the following steps, you can easily use Whatsapp without entering your number and have some fun with your friends too. Here’s what you need to do:

You need to install an app like Spoof (for Android)/Fake (for iOS) to start off with. We’ll tell you the functionality of the same later on.
Uninstall WhatsApp just in case you have it in your device and it’s all the more a better option if you don’t.
So then you need to install Whatsapp on your device.
Then you need to put your device into Flight/Airplane mode. This would block your message receiving and sending abilities.
Then you need to open Whatsapp and put your number in it.
What happens is that Whatsapp is not able to send message to its server for verification of your number.
Now that it is not able to verify your number, it will ask you to choose an alternative way of verification.
Then you need to choose the option of “verify through SMS” and enter your email address in the pop up. Then you need to press cancel, and what you do this way is terminate the authorisation process.
It is now that the Spoof/Fake comes into play.
You need to go to your outbox and copy the message details of the message cancelled in spoof.
Then you need to send these details to the spoof/fake application.

You then need to use the details on the spoofed message: To: +4479000347295, From: +(your country code)(mobile number) and in the message you need to write your email address and then you are done.

Change Your Friends’ Profile Picture

Nah, you’ll not be making the change globally, but changing your friend’s profile picture only on your phone is sufficient to scare the hell outta him. Here’s how you can do it.

Choose a profile picture for your friend. Use Google Image search for cute looking monkeys and donkeys or weird looking people.
Resize the image to 561×561 pixels using Paint or Photoshop and name it with your friend’s mobile phone number.
Save the image in SD card -> WhatsApp -> Profile Pictures. Overwrite an existing image if required.
Disable WiFi and data network. If you don’t, WhatsApp will automatically update the picture. Now show it to your friend who’ll panic instantly!

Note: This is not a hack, but simply a trick to change your friend’s profile picture only on your device. This is meant for fun purpose only.

Stop Automatic Media Download

By installing the same app, WhatsApp Plus, you can stop WhatsApp from downloading images automatically.

Update: You no longer need to use WhatsApp Plus to prevent auto-downloading of images or other media. WhatsApp now allows you to control it from the app itself. Simply go to Settings -> Chat Settings -> Media auto-download -> Check ‘When using mobile data’, ‘When connected on WiFi’ and ‘When roaming’ one by one and uncheck all the sub-options!

Lock WhatsApp

Do your friends often use your mobile phone? Does someone sneak peek at your WhatsApp messages? Well a way to prevent that from happening is to lock WhatsApp. To lock Whatsapp on BlackBerry follow this link and to lock WhatsApp on Android follow this link. You can even use other Android lockers to hide or lock WhatsApp with a password, pin or a pattern.


Saturday, December 13, 2014

4 Instagram Tools for Scheduling Instagram Updates

Why Use Tools to Schedule Instagram Posts?

Instagram was designed primarily as a mobile tool, so that’s where most interactions take place. Instagram wants users to capture events as they happen. While real-time posting is the best-case scenario, it doesn’t work for everyone at all times. If you’re using the native version of Instagram on a desktop, you can view Instagram content and interact with people you’re following, but you can’t upload anything. While there are a few options available to upload photos and videos to Instagram from a computer, none of these lets you schedule your content.

Find Instagram tools for scheduling Instagram updates.
Luckily, there are some tools for scheduling your Instagram content. Some are mobile-only, others are computer-only and a couple of them do both. Remember, scheduling or automating posts to your Instagram channel should not be the primary way you keep your Instagram channel updated. It should be part of your company’s Instagram strategy for those times when you know you’ll be unavailable. Let’s take a look at the available tools.

#1: ScheduGram
Upload single photos, multiple photos and videos.


Once you upload, edit your photos. Tools available include cropping, retouching, adding effects and enhancing your images.


When your photos or videos are ready for Instagram, schedule them and request notification via email once they’ve gone out.


Manage multiple Instagram accounts and give access to as many users as you need. Cost: Various packages available, which start at $13 per month with a 7-day free trial.

#2: Latergramme
Use Latergramme to schedule posts from a browser or use the mobile iOS app. A couple of things to note: With this tool, you can only upload individual images. Plus, while you can schedule and organize your Instagram posts, Latergramme does not post them for you.

Latergramme sends a reminder at the scheduled time, which you can open and post via Instagram.

Latergramme is kind of like a glorified editorial calendar for Instagram, since you still need to post the photos yourself. Cost: Free to sign up. Starts at $9.50 per month. Premium and business accounts also available.

#3: Instapult
With Instapult, you can manage multiple Instagram accounts and invite other administrators to post. Upload single images only on this web-based tool.

Single images uploaded using Instapult.

Instapult also gives you the ability to edit your images and apply filters.

Crop and edit images in Instapult before posting them to Instagram.
Once you add the image, schedule it to post.
Use Instapult to schedule images to post to Instagram.
The web functionality makes it easy to delete scheduled updates.
Easily delete scheduled Instagram posts within Instapult.
Instapult has editing capabilities like ScheduGram and single-image uploads like Latergramme. Cost: Free to sign up and get a weeklong trial. Three premium packages available, starting at $12 per month.


#4: TakeOff
Part of the JustUnfollow app, TakeOff is similar to Latergramme with a few exceptions. For one thing, TakeOff has both an Android and iOS mobile app. Plus, you can only schedule images; they don’t actually post them for you. This is because of the way Instagram allows companies to access their API. TakeOff offers hashtag suggestions and a recommended time to post when your followers are most engaged.
TakeOff allows you to schedule posts. It will then remind you when to post them to Instagram.
One important difference: TakeOff doesn’t apply filters and effects within their app. Instead, when you schedule a photo to go out, it reminds you and then gives you the option to open it in Instagram or another editor to apply any additional filters. The interface for TakeOff is easy to use. Also, you can manage multiple Instagram accounts and team members. Cost: Free, with premium options $9.99 and up.

Tuesday, November 4, 2014

How Attackers Can Use Radio Signals and Mobile Phones to Steal Protected Data



Computers housing the world’s most sensitive data are usually “air-gapped” or isolated from the internet. They’re also not connected to other systems that are internet-connected, and their Bluetooth feature is disabled, too. Sometimes, workers are not even allowed to bring mobile phones within range of the computers. All of this is done to keep important data out of the hands of remote hackers.

But these security measures may be futile in the face of a new technique researchers in Israel have developed for stealthily extracting sensitive data from isolated machines—using radio frequency signals and a mobile phone.

The attack recalls a method the NSA has been secretly using for at least six years to siphon data in a similar manner. An NSA catalogue of spy tools leaked online last year describes systems that use radio frequency signals to remotely siphon data from air-gapped machines using transceivers—a combination receiver and transmitter—attached to or embedded in the computer instead of a mobile phone. The spy agency has reportedly used the method in China, Russia and even Iran. But the exact technique for doing this has never been revealed.

The researchers in Israel make no claims that theirs is the method used by the NSA, but Dudu Mimran, chief technology officer at the Israeli lab behind the research, acknowledges that if student researchers have discovered a method for using radio signals to extract data from hard-to-reach systems, professionals with more experience and resources likely have discovered it, too.



Dubbed “AirHopper” by the researchers at Cyber Security Labs at Ben Gurion University, the proof-of-concept technique allows hackers and spies to surreptitiously siphon passwords and other data from an infected computer using radio signals generated and transmitted by the computer and received by a mobile phone. The research was conducted by Mordechai Guri, Gabi Kedma, Assaf Kachlon, and overseen by their advisor Yuval Elovici.

The attack borrows in part from previous research showing how radio signals can be generated by a computer’s video card. The researchers in Israel have developed malware that exploits this vulnerability by generating radio signals that can transmit modulated data that is then received and decoded by the FM radio receiver built into mobile phones. FM receivers come installed in many mobile phones as an emergency backup, in part, for receiving radio transmissions when the internet and cell networks are down. Using this function, however, attackers can turn a ubiquitous and seemingly innocuous device into an ingenious spy tool. Though a company or agency may think it has protected its air-gapped network by detaching it from the outside world, the mobile phones on employee desktops and in their pockets still provide attackers with a vector to reach classified and other sensitive data.

The researchers tested two methods for transmitting digital data over audio signals but Audio Frequency-Shift Keying (A-FSK) turned out to be the most effective.

“[E]ach letter or character was keyed with different audio frequency,” they note in a paper released last week that describes their technique. “Using less than 40 distinct audio frequencies, we were able to encode simple textual data—both alphabetical and numerical. This method is very effective for transmitting short textual messages such as identifiers, key-stroking, keep-alive messages and notifications.”

The data can be picked up by a mobile phone up to 23 feet away and then transmitted over Wi-Fi or a cellular network to an attacker’s command-and-control server. The victim’s own mobile phone can be used to receive and transmit the stolen data, or an attacker lurking outside an office or lab can use his own phone to pick up the transmission.

“With appropriate software, compatible radio signals can be produced by a compromised computer, utilizing the electromagnetic radiation associated with the video display adapter,” the researchers write. “This combination, of a transmitter with a widely used mobile receiver, creates a potential covert channel that is not being monitored by ordinary security instrumentation.”



By Kim Zetter | 11.03.14 | 6:30 AM


The researchers note that the chain of attack “is rather complicated,” but it’s not beyond the skills and abilities already seen in advanced attacks conducted by hackers in China and elsewhere. Or by the NSA.

Generally the most common method for infecting air-gapped machines is a USB flash drive or other removable media. Once one air-gapped machine is infected, the malware can spread to other machines on an air-gapped network. Data can be extracted the same way, though this is more of a challenge. The malware stores stolen data on the machine until a flash drive is inserted, at which point data is copied to the drive. When the flash drive is then inserted into another computer that’s connected to the internet, the data gets transmitted back to the attackers’ command-and-control center. This method takes time, however, since it requires the attacker to wait until someone inserts a flash drive into the air-gapped machine and carries it to an internet-connected machine.

AirHopper, however, doesn’t require repeated action like this once the malware is installed. An attacker only needs to get their malicious transmitter code onto the targeted machine and then either install the malicious receiver component on the victim’s mobile phone or use the attacker’s own mobile phone in the vicinity of the computer to receive the data and transmit it to the attacker’s command-and-control server. The malware can be programmed to store siphoned data on the infected machine for later transmission at specified hours or intervals. The researchers also devised methods for hiding the data transmission on the targeted machine to avoid detection, including transmitting data only when the monitor is turned off or in sleep mode and altering the FM receiver on the phone so that there is no audible tone when data is transmitted to it.

Although the distance for transmitting data from an infected computer to a mobile phone is limited—due to the limitations of the receiver in phones—attackers could use a stronger portable receiver, set up in a parking lot for example or installed on a drone flying overhead, to pick up data from greater distances.

There are other limitations, however. The proof-of-concept test allows for data to be transmitted at only 60 bytes a second—about a line of text per second—which limits the speed and volume at which attackers could siphon data. But Mimran notes that over time, a lot of sensitive data can still be extracted this way.


A 100-byte password file takes 8-10 seconds to transmit using their method, and a day’s worth of keystrokes takes up to 14 minutes to transmit this way. But a document just .5 megabytes in size can take up to 15 hours to transmit.

Extracting documents “would be very slow and it will take a long time,” Mimran acknowledges, “but this [demonstration] is just a proof-of-concept. I guess the bad people can make it more sophisticated.”

Indeed, the NSA catalogue of surveillance tools leaked last year, known as the ANT catalogue, describes something called the Cottonmouth-I, a hardware implant that resembles an ordinary USB plug except it has a tiny transceiver, called the HowlerMonkey, embedded in it for extracting data via RF signals. According to the New York Times, which published additional information about the Cottonmouth-I, the transceiver transmits the stolen data to a briefcase-sized NSA field station or relay station, called the Nightstand, which can be positioned up to eight miles away. Once the data is received by the relay station, it’s further transmitted to the NSA’s Remote Operations Center. Available since 2009, the Cottonmouth-1 is sold in packs of 50 for about $1 million.

This method of data extraction may have been used in Iran to siphon intelligence about the nuclear program there, the Times reports—perhaps in preparation for the Stuxnet attack, which sabotaged computers controlling centrifuges used to enrich uranium gas in Iran.

A USB plug, however, requires physical access to a targeted computer in the field or it requires the victim to unwittingly insert the USB plug into the computer before the transmission can occur. An alternative method to this, the leaked document notes, is embedding tiny circuit boards in the targeted computer to do the transmission. One way to compromise the machine would be to intercept new equipment en route to a customer so that it arrives to the victim already equipped to transmit stolen data. According to the document published by the Times, the RF transceiver can also be used to implant malware on a targeted system, not just extract data from it.

Radio frequency hacks are difficult to mitigate, short of physically insulating computers and cables to prevent emissions from being picked up by receivers. This may be practical for military and other classified facilities to do, but not for commercial companies that are trying to protect sensitive data from such attacks. Prohibiting mobile phones from work areas will not help, since outside receivers can be used in place of mobile phones to extract data.

Thursday, October 30, 2014

How to customize Android security using SEAndroid

Security Enhancements for Android (SEAndroid)
Android has added some new features to the 4.4 version of the Android OS ("Kitkat"). The most important change among the new features is the ability to integrate SEAndroid in enforcing mode, which means access permissions for all Android components are under the control of SEAndroid.


What is SEAndroid? SEAndroid refers to Security Enhancements for Android, a security solution for Android that identifies and addresses critical gaps. Initially, the project's scope was to enable the use of SELinux in Android to limit the damage that can be done by flawed or malicious apps and to enforce separation guarantees between apps. However, the scope of the project changed to include more than SELinux. SEAndroid is now the overall framework for implementing SELinux mandatory access control (MAC) and middleware mandatory access control (MMAC) on Android.
Let's clarify some concepts related to SEAndroid:

  • Security-Enhanced Linux (SELinux) is an implementation of mandatory access control using Linux Security Modules (LSM) in the Linux kernel, based on the principle of least privilege. It is not a Linux distribution but instead a set of modifications that can be applied to UNIX-like operating systems, such as Linux and BSD.
  • Discretionary Access Control (DAC) is the standard security model for Linux. In this model, access privileges are based on the user identity and object ownership.
  • Mandatory Access Control (MAC) limits privileges for subjects (processes) and objects (file, socket, device, etc.).

SELinux does not change any existing security in the Linux environment; instead, SELinux extends the security model to include Mandatory Access Control (e.g., both MAC and DAC are enforced in the SELinux environment).
SEAndroid enhances the Android system by adding SELinux support to the kernel and user space to:
  • Confine privileged daemons to protect them from misuse and limit the damage that can be done via privileged daemons
  • Sandbox and isolate apps from each other and from the system
  • Prevent privilege escalation by apps
  • Allow application privileges to be controlled at installation and runtime using MMAC
  • Provide a centralized, analyzable policy
Furthermore, in Android 4.4, SEAndroid is enabled in the Enforcing mode, instead of the non-functional disabled mode or the notification-only permissive mode, which means that any invalid operation will be prohibited in the Android run-time environment.

The SEAndroid Policy

SEAndroid policy is one of the cores of the entire SEAndroid security mechanism. In addition, the security architecture must also have a strict security policy to ensure that the access subject has only minimal access permissions to the object, so that the program can execute the basic functions but will be prevented from executing malicious operations.
As mentioned above, SEAndroid's implementation is in enforcing mode, instead of the non-functional disabled mode or the notification-only permissive mode, to act as a reference and facilitate testing and development.
The security context of SEAndroid is basically consistent with SELinux. Its four parts are user, role, type and sensitivity, e.g., u:object_r:system_data_file:s0, and are described below:
  • User: The first column of the security context is the user; SEAndroid has only one, u.
  • Role: The second column indicates the role in SEAndroid, r and object_r, respectively.
  • Type: For the third column, type, SEAndroid defines 139 different policy types, such as device type, process type, file system type, network type, IPC type, and so on.
  • Security level: The fourth column is designed for Multi-Level Security (the MLS extension), an access mechanism that adds a security level to the context in the format sensitivity[:category list][-sensitivity[:category list]], for example s0-s15:c0-c1023, whereas the category may not be required in the current Android version. The combination of sensitivity and category together declares the current security level, and the numbers identify the lowest and highest levels of security. The parameters of this column are used in the MLS constraint checking, with "15" and "1023" representing the maximum sensitivity and category. This parameter range can be defined in the Android.mk.

The most important part of the security context is the third column, type; the type of a process is called its domain. Type is the most important of the SEAndroid parameters and the policy parameters are greatly expanded, so marking each file in the system with the appropriate type becomes extremely important.
The SEAndroid policy sources are located under external/sepolicy.
The policy consists of source files used to generate the SELinux kernel policy file, a file_contexts configuration, a property_contexts configuration, a seapp_contexts configuration, and a mac_permissions.xml configuration.
The file_contexts configuration is used to label files at build time (e.g., the system partition) and at run time (e.g., device nodes, service socket files, /data directories created by init.rc, etc.).
The property_contexts configuration is used to specify the security context of Android properties for permission checking purposes.

The seapp_contexts configuration is used to label app processes and app package directories.
The mac_permissions.xml configuration is the middleware MAC policy.
The device-specific policy sources are located under device/<vendor>/<device>.
The device-specific policy can be specified by defining BOARD_SEPOLICY_DIRS, BOARD_SEPOLICY_UNION and/or BOARD_SEPOLICY_REPLACE variables in a BoardConfig.mk file under the device/<vendor>/<device> or vendor/<vendor>/<device> directories; for example, the configuration file for the Intel® Atom™ processor-based tablet (codenamed Bay Trail) FFRD8 is "/device/intel/baytrail/BoardConfig.mk".
An example can be found in device/intel/baytrail/BoardConfig.mk, which defines these variables to reference device-specific policy files under device/intel/baytrail/sepolicy.
Documentation for per-device policies can be found in the external/sepolicy/README.

Change the SEAndroid Policy

SEAndroid policy files exist under /external/sepolicy. You can change these policy files to see what happens if the new policy is applied. Pay close attention when changing the policy files, because an incorrect configuration may cause the whole system to halt during booting. Following is an example:

Step 1: Check before modification
First, we need to check the file "/device/intel/baytrail/BoardConfig.mk". The sepolicy configuration of this board is as follows:
    BOARD_SEPOLICY_DIRS := \
        device/intel/baytrail/sepolicy

    BOARD_SEPOLICY_UNION := \
        file_contexts \
        seapp_contexts \
        file.te \
        genfs_contexts \
        fs_use \
        device.te \
        healthd.te \
        app.te \
        untrusted_app.te \
        surfaceflinger.te \
        vold.te \
        ecryptfs.te \
        zygote.te \
        netd.te

BOARD_SEPOLICY_DIRS defines the directory where the device-specific policy files exist. BOARD_SEPOLICY_UNION means the final policy configuration is the result of combining the general policy files and the device-specific policy files. During the Android build, the build system checks for conflicts between the different policies. If BOARD_SEPOLICY_REPLACE is applied, the device-specific policies replace the configuration of the general policies.
Second, we need to open the file "/external/sepolicy/untrusted_app.te" and check that the following lines are there:
    allow untrusted_app shell_data_file:file rw_file_perms;
    allow untrusted_app shell_data_file:dir r_dir_perms;
The two policy items above grant untrusted apps (the normal apps, not the system apps) permission to read/write files and to read directories of the type shell_data_file in the run-time environment. The shell_data_file type covers any file in /data/local/tmp/ in the run-time environment; it is defined in /external/sepolicy/file_contexts in the development environment as follows:
/data/local/tmp(/.*)? u:object_r:shell_data_file:s0
But the permissions listed above have some limitations. If the files and directories already exist in /data/local/tmp/, the untrusted apps can read/write these files and enter these directories. But the untrusted apps cannot create their own files and directories under /data/local/tmp/. Only system apps or services can create files or directories for the untrusted app. If we want to give more permissions to the untrusted apps, we can make the changes described in Step 2.
Step 2: Add the new policy items
Now we edit the file "/device/intel/baytrail/sepolicy/untrusted_app.te" and add the following two lines to the end of the file:
    allow untrusted_app shell_data_file:file create_file_perms;
    allow untrusted_app shell_data_file:dir create_dir_perms;
These two items give the untrusted apps permission to create files and directories in /data/local/tmp/ in the run-time environment. That path is labeled in /external/sepolicy/file_contexts in the development environment as follows:
/data/local/tmp(/.*)? u:object_r:shell_data_file:s0
The basic file/directory permissions are defined in /external/sepolicy/global_macros:

    define(`x_file_perms', `{ getattr execute execute_no_trans }')
    define(`r_file_perms', `{ getattr open read ioctl lock }')
    define(`w_file_perms', `{ open append write }')
    define(`rx_file_perms', `{ r_file_perms x_file_perms }')
    define(`ra_file_perms', `{ r_file_perms append }')
    define(`rw_file_perms', `{ r_file_perms w_file_perms }')
    define(`rwx_file_perms', `{ rw_file_perms x_file_perms }')
    define(`link_file_perms', `{ getattr link unlink rename }')
    define(`create_file_perms', `{ create setattr rw_file_perms link_file_perms }')
    define(`r_dir_perms', `{ open getattr read search ioctl }')
    define(`w_dir_perms', `{ open search write add_name remove_name }')
    define(`ra_dir_perms', `{ r_dir_perms add_name write }')
    define(`rw_dir_perms', `{ r_dir_perms w_dir_perms }')
    define(`create_dir_perms', `{ create reparent rmdir setattr rw_dir_perms link_file_perms }')

We can see the permissions, such as the file operation "{ getattr open read ioctl lock }", are the same as the file operation functions in the real file system.
Finally, we need to rebuild the Android source tree and flash a new image into the Bay Trail FFRD8 device.
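
Before rebuilding, it is worth checking exactly which primitive permissions the two Step 2 rules add on top of the Step 1 rules. The following script is an added example, not part of the original article or of the AOSP build: it expands the global_macros definitions quoted above and prints the difference. The function names (parse_macros, expand, granted, added_by) are hypothetical helpers chosen for this illustration.

```python
import re
# Macro bodies copied from the global_macros excerpt on this page.
GLOBAL_MACROS = """
define(`r_file_perms', `{ getattr open read ioctl lock }')
define(`w_file_perms', `{ open append write }')
define(`rw_file_perms', `{ r_file_perms w_file_perms }')
define(`link_file_perms', `{ getattr link unlink rename }')
define(`create_file_perms', `{ create setattr rw_file_perms link_file_perms }')
define(`r_dir_perms', `{ open getattr read search ioctl }')
define(`w_dir_perms', `{ open search write add_name remove_name }')
define(`rw_dir_perms', `{ r_dir_perms w_dir_perms }')
define(`create_dir_perms', `{ create reparent rmdir setattr rw_dir_perms link_file_perms }')
"""
# The general rules from Step 1 and the device-specific rules added in Step 2.
BASE = """allow untrusted_app shell_data_file:file rw_file_perms;
allow untrusted_app shell_data_file:dir r_dir_perms;"""
DEVICE = """allow untrusted_app shell_data_file:file create_file_perms;
allow untrusted_app shell_data_file:dir create_dir_perms;"""
DEFINE_RE = re.compile(r"define\(`(\w+)',\s*`\{([^}]*)\}'\)")
RULE_RE = re.compile(r"allow\s+(\w+)\s+(\w+):(\w+)\s+(\w+|\{[^}]*\})\s*;")

def parse_macros(text):
    """Map each macro name to the list of tokens in its body."""
    return {name: body.split() for name, body in DEFINE_RE.findall(text)}

def expand(token, macros, seen=()):
    """Recursively expand a macro name into its set of primitive permissions."""
    if token not in macros:
        return {token}  # already a primitive permission
    if token in seen:
        raise ValueError("macro cycle at " + token)
    return set().union(*(expand(t, macros, seen + (token,)) for t in macros[token]))

def granted(policy, macros):
    """Return {(source, target, class): permissions} for every allow rule."""
    table = {}
    for src, tgt, cls, perms in RULE_RE.findall(policy):
        for tok in perms.strip("{}").split():
            table.setdefault((src, tgt, cls), set()).update(expand(tok, macros))
    return table

def added_by(base, extra, macros):
    """Permissions granted only after the device rules are unioned into the base."""
    before, after = granted(base, macros), granted(base + "\n" + extra, macros)
    delta = {key: sorted(perms - before.get(key, set())) for key, perms in after.items()}
    return {key: perms for key, perms in delta.items() if perms}
if __name__ == "__main__":
    for rule, perms in added_by(BASE, DEVICE, parse_macros(GLOBAL_MACROS)).items():
        print(rule, "gains", " ".join(perms))
```

The output lists the new grants per object class, which makes it easy to see that the change also adds unlink, rename and setattr on shell_data_file objects, not only create.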
Verify the SEAndroid Policy
After the FFRD8 is booted, we can download a FileManager app from an Android App Store, then open the command shell from the FileManager menu. This allows us to emulate the condition of untrusted apps executing file operations.
A new file and a new directory can now be created by entering the directory /data/local/tmp/. (With a standard FFRD8 device, creating a new file or a new directory there is prohibited.) The result of the different policies is shown in the comparison image below, with the chart on the left showing the result of the unchanged policies, and the chart on the right showing the result of the changed policies.


Figure 1: File permissions comparison between standard policies and changed policies
Summary
This article introduces the basic concept of SEAndroid policy and presents an example of how to add a new policy to the SEAndroid policy set on an Intel Atom processor-based platform (codenamed Bay Trail). It will help ODMs interested in custom-built SEAndroid to gain a preliminary understanding of the SEAndroid policy mechanism.
Source: https://software.intel.com/en-us/android/articles/android-security-customization-with-seandroid

© 2014 All rights reserved Amitabh Singh. Powered by Blogger.