Android Security Internals
If you have been following this blog for a while, you might have noticed that there haven't been many new posts in the past few months. There are two reasons for this: me being lazy and me working on a book. The books is progressing nicely, but is still a long way from being finished, so updates will probably continue to be spotty for a while.
While I can't discuss progress in detail, the better part of the book is done and is in various stages of editing and review. Here is the current table of contents, subject to change, of course, but probably nothing too drastic.
Update 2014/10/24: The book has now been released.
Chapter 2: Permissions
Chapter 3: Package Management
Chapter 4: User Management
Chapter 5: Cryptographic Providers
Chapter 6: Network Security and PKI
Chapter 7: Credential Storage
Chapter 8: Online Account Management
Chapter 9: Enterprise Security
Chapter 10: Device Security
Chapter 11: NFC and Secure Elements
Chapter 12: SELinux
Chapter 13: Device Updates and Root Access
If you have found this blog interesting or helpful at one time or another, hopefully this book is for you. While some of the material is based on previous blog posts, it has been largely re-written and extended, and most importantly professionally edited (thanks Bill!) and reviewed (thanks Kenny!), so it should be both much easier to read and more accurate. Most of the material is completely new and written exclusively for the book.
That's it for now, major updates will be posted here, more minor ones via my Google+ account. Finally, do follow No Starch Press on Twitter or subscribe to their newsletter to get updates about upcoming books and Early Access releases.
What is this all about?
The book is a continuation of my quest to understand how Android works and, as you may have guessed already, is called "Android Security Internals". That's a somewhat ambitious title, but it reflects my goal -- to present both an overview of Android's security architecture, and to show how its key components are implemented and interoperate. Meeting this goal requires starting with the most fundamental concepts such as Binder IPC, sandboxing, file ownership and permissions, and looking into key system services that bind the OS together, such as thePackageManagerService
and ActivityManagerService
. After (hopefully) explaining the fundamentals in sufficient detail, the book goes on to discuss higher level features such as credential storage, account management and device policy support. Security features added in recent versions, for example SELinux and verified boot are also introduced. While the book does cover topics traditionally associated with 'rooting' such as unlocking the bootloader, recovery images and superuser apps, this is not a main topic. Finding and developing exploits in order to gain root access is not discussed at all, so if you are interested in these topics you might want to pick up the recently released Android Hacker's Handbook, which covers them very well and in ample detail. Finally, almost all of the material is based on analysis of and experimentation with AOSP source code, and thus almost no vendor extensions or non-open source features are covered.The book
The book is being produced by No Starch Press, who have a long history of publishing great technical books, and have lately been introducing some truly beautiful Lego books as well. On top of that, they are a real pleasure to work with, so do call them first if you ever consider writing a book.
The book is scheduled for September 2014, hopefully I'll be able to finish it on time to meet that date. If that sounds like a long wait, there is good news: the book is available via No Starch's Early Access program and you can read the first couple of chapters right now. New chapters will be made available once they are ready. While there is still a lot of work to be done, the book does already have a cover, and a great one at that:
While I can't discuss progress in detail, the better part of the book is done and is in various stages of editing and review. Here is the current table of contents, subject to change, of course, but probably nothing too drastic.
Update 2014/10/24: The book has now been released.
Table of contents
Chapter 1: Android's Security ModelChapter 2: Permissions
Chapter 3: Package Management
Chapter 4: User Management
Chapter 5: Cryptographic Providers
Chapter 6: Network Security and PKI
Chapter 7: Credential Storage
Chapter 8: Online Account Management
Chapter 9: Enterprise Security
Chapter 10: Device Security
Chapter 11: NFC and Secure Elements
Chapter 12: SELinux
Chapter 13: Device Updates and Root Access
If you have found this blog interesting or helpful at one time or another, hopefully this book is for you. While some of the material is based on previous blog posts, it has been largely re-written and extended, and most importantly professionally edited (thanks Bill!) and reviewed (thanks Kenny!), so it should be both much easier to read and more accurate. Most of the material is completely new and written exclusively for the book.
That's it for now, major updates will be posted here, more minor ones via my Google+ account. Finally, do follow No Starch Press on Twitter or subscribe to their newsletter to get updates about upcoming books and Early Access releases.
Comments
Very useful! Спасибо!
Can you help me? Good luck.