US National Security Agency (NSA) released the first public release of the Security Enhanced (SE) Android Project, a program designed to find and plug security holes and risks in the Android flavor of Linux. SE Android is based on the NSA’s SELinux, first released in 2000.
SEAndroid is the name of both a project to identify, and find solutions for, critical gaps in Android security and of a reference implementation of a security enhanced Android. The project is currently focusing its efforts on enabling SELinux functionality in the hope that it can limit the damage done by malicious apps, but hopes to widen its scope in the future.
SE Android was first publicly described at Linux Security Summit 2011. In essence, the NSA is attempting to bring the same access control and damage mitigation measures found in SELinux to the Android Open Source Project. In the Security Summit presentation, a number of known security vulnerabilities were demonstrated and tested against a version of Android running SE Android controls. All exploits failed unless specifically tailored to the particular system, and even in those cases the exploit’s effectiveness was much reduced.
SEAndroid is only available as source and is built by cloning the Android Open Source Project (AOSP) git repository, and then applying the SE Android modifications from the project’s git repository. Currently the project is builds on Fedora 16, and has built on Fedora 14 and 15. Instructions how to build for emulators and devices (specifically the Nexus S) and how to get started developing policies are available from the project’s wiki.
SEAndroid is the name of both a project to identify, and find solutions for, critical gaps in Android security and of a reference implementation of a security enhanced Android. The project is currently focusing its efforts on enabling SELinux functionality in the hope that it can limit the damage done by malicious apps, but hopes to widen its scope in the future.
SE Android was first publicly described at Linux Security Summit 2011. In essence, the NSA is attempting to bring the same access control and damage mitigation measures found in SELinux to the Android Open Source Project. In the Security Summit presentation, a number of known security vulnerabilities were demonstrated and tested against a version of Android running SE Android controls. All exploits failed unless specifically tailored to the particular system, and even in those cases the exploit’s effectiveness was much reduced.
SEAndroid is only available as source and is built by cloning the Android Open Source Project (AOSP) git repository, and then applying the SE Android modifications from the project’s git repository. Currently the project is builds on Fedora 16, and has built on Fedora 14 and 15. Instructions how to build for emulators and devices (specifically the Nexus S) and how to get started developing policies are available from the project’s wiki.
LINK TO OUR HOME PAGE :
Voice Of GREYHAT is a non-profit Organization propagating news specifically related with Cyber security threats, Hacking threads and issues from all over the spectrum. The news provided by us on this site is gathered from various Re-Sources. if any person have some FAQ's in their mind they can Contact Us. Also you can read our Privacy Policy for more info.
Thank You !
-Team VOGH
If you enjoyed VOGH News, Articles Then Do Make sure you to Subscribe Our RSS feed. Stay Tuned with VOGH and get Updated about Cyber Security News, Hacking Threads and Lots More. All our Articles and Updates will directly be sent to Your Inbox. Thank You!
-Team VOGH
Categories:
security-news
,
technews
