Archive for the ‘Mobile’ Category

Google Android’s Built-in Rootkit

Friday, June 25th, 2010

Today I came across some disturbing news: http://android-developers.blogspot.com/2010/06/exercising-our-remote-application.html

It turns out Google’s Android Market can automatically delete applications from Google-based Android phones without their users’ permission. They claim it is to protect end users from malware, just as I’m sure the Middle East claims it is building nuclear weapons for their own defense. I can see this growing to be a potentially big problem. I remember Google removing all Tetris clones not less than a month ago from the market, but I didn’t realize they could delete the applications off all phones. You would think companies would have learned their lessons over the years? Even Microsoft now has prompts for their updates and ActiveX controls to run on your computer. I guess history repeats itself.

What if I wanted that malware? I’m a security researcher and I like to study malicious applications. I could very well offload this application off my phone, decompile it, and try to see what it is that this person is doing. I couldn’t do that though if the application got deleted.

The fact of the matter is this “feature” Google claims to be a protection mechanism can be abused by them to modify data on their users’ phones. I don’t know about you, but I sure would not feel comfortable if some appliance manufacturer had the authority to come into my home and steal my toaster because it was burning my toast every time I cooked bread. Of course we have all seen recently how Google feels about handling other people’s data in the media lately with its latest WiFi scandals. Are you going to trust them to have the authority over your phone to modify it remotely?

On a different note, I make it a habit not to install third-party applications unless they’re open source or come from one of my personal trusted sources, especially if it’s an operating system. However, now that I know Google has the power to delete applications off my phone, I am probably going to root my Android phone and not use Google’s firmware anymore.

Aircrack for the Android?

Sunday, May 16th, 2010

Porting aircrack to Android-based phones is possible, but not plausible. Recently I noticed that the Android platform is still on the up and coming and that there are not a lot of security tools for it yet. This past Thursday I had a great idea, so I took the day and invested some of my time into seeing if it would be a good venture to port aircrack to my Motorola Droid. I wanted to know if it would be possible to port aircrack to Android-based phones and make the interface look similar to SpoonWEP. In this article, I will talk about why it is possible, but not plausible.

The first thing I actually looked into was SpoonWEP, which is available on Backtrack 3. Since SpoonWEP was written in Java, I figured maybe it would be an easy port to Android-based phones. After decompiling SpoonWEP with my favorite Java decompiler (Jad), I saw that all SpoonWEP consisted of was a Java GUI designed to use the command line to call aircrack.

Porting aircrack into Java code would probably not be that bad of a transition. The Android API includes packages like android.net.wifi and java.net.Socket, which could be used for messing with the data link layer. The task that would really be a pain to do though is writing the driver for the Broadcom BCM4329 chipset that Android-based phones such as the Motorola Droid use. A new driver would probably have to be developed in order for the chip to support packet injection (if it is even possible). I found out the model of the chipset of my Motorola Droid phone through Cyanogen, a third-party firmware for Android-based phones. Even if one could write this driver, one would most likely have to root their phone in order to install it properly. Otherwise they would probably end up violating the terms of service for users when they went to install the application from the Android Market.

The vision of this tool was to sell it off as a tool for security auditors. They could pay 10 bucks and download an app that would crack any WEP encrypted router they wanted to test right from their phone. Getting users to root their phone, or requiring users to break their terms of service to install the application would probably not go over so well. Anyway, if anyone else out there wants to give this project a shot, be my guest. I am just publishing my results for the sake of research.