3 comments

[ 3.1 ms ] story [ 16.5 ms ] thread
As I published two month ago an analysis about Samsung Knox (http://mobilesecurityares.blogspot.de/2014/10/why-samsung-kn...) I thought it is time to write a short article about passwords in general on mobile devices.
Since 4.4 Android uses the Enforced Mode of SELinux, which should limit some privileges. Can the root user still have access to the passwords in this situation?
Android introduced SELinux with version 4.3. There it was really permissive, since version 5.0 Android moved to full enforcement of SELinux. Yes this will help to prevent it a bit, but it's not a "jack of all trades". There are still proccess which are running as root and can be exploited, thus circumventing the SELinux rules, like the core ‘Zygote’ service. "Zygote is one of the only services available on Android L, which is started as root within the unrestricted “init” SELinux context." (http://www.xda-developers.com/android/supersu-beta-lollipop-...)

Regards,

Ares