National Security Agency (NSA) Released Security Enhanced (SE) Android

US National Security Agency (NSA) released the first public release of the Security Enhanced (SE) Android Project, a program designed to find and plug security holes and risks in the Android flavor of Linux. SE Android is based on the NSA’s SELinux, first released in 2000. 
SEAndroid is the name of both a project to identify, and find solutions for, critical gaps in Android security and of a reference implementation of a security enhanced Android. The project is currently focusing its efforts on enabling SELinux functionality in the hope that it can limit the damage done by malicious apps, but hopes to widen its scope in the future.
SE Android was first publicly described at Linux Security Summit 2011. In essence, the NSA is attempting to bring the same access control and damage mitigation measures found in SELinux to the Android Open Source Project. In the Security Summit presentation, a number of known security vulnerabilities were demonstrated and tested against a version of Android running SE Android controls. All exploits failed unless specifically tailored to the particular system, and even in those cases the exploit’s effectiveness was much reduced.
SEAndroid is only available as source and is built by cloning the Android Open Source Project (AOSP) git repository, and then applying the SE Android modifications from the project’s git repository. Currently the project is builds on Fedora 16, and has built on Fedora 14 and 15. Instructions how to build for emulators and devices (specifically the Nexus S) and how to get started developing policies are available from theproject’s wiki.


Post a Comment

Related Posts Plugin for WordPress, Blogger...