Friday, 19 August 2011

Seven Ways to Hang Yourself with Google Android

« XKCD on passwords | Main | Android Permissions in Motion »

Remember my earlier post on Android permissions where I complained about our inability to detect overprivileged Android applications due to the lack of documentation from Google? Well, guess what? A few days after the post went up, I was passed a link to this paper. Turns out our colleagues at UC Berkeley have been working on the same problem for the past year.

We quickly got together and decided to collaborate. We think this work is a great example of collaboration between industry and academia on a problem that is so incredibly prevalent today. The first milestone of our collaboration is a talk at this year’s DEFCON convention in Las Vegas, which I co-presented with Erika Chin. The talk was very well received. Check out the slides.

As I said, the talk is just the first milestone of our collaborative efforts – we are working together on incorporating research that has been done by the Berkeley team into Fortify SCA. Stay tuned for more updates on our Android support in the near future.

Posted by yoneil at 8:10 PM in Fortify
Responses (2)

 

[Trackback URL for this entry]

Comment: Tasmine at Mon, 5 Sep 7:52 AM

Stay with this guys, you're helpnig a lot of people.

Comment: Keyla at Mon, 5 Sep 8:58 PM

Didn't know the forum rules allowed such brliilant posts.

Your comment:

 
Generate another code
SCode

Please enter the code as seen in the image above to post your comment.
 
 

Live Comment Preview: