Poll: my tablet is an iPad/Android, etc...

[RobertJasiek]

Given the popularity of iPad and Android in our age of exponential malware growth, it is only a matter of time until malware (coming from the internet rather than only via an installed root app) will attack every badly configured (jailbroken) tablet quite like today's badly configured Windows PCs.

[flOvermind]

And what about the badly configured not jailbroken devices?

I have never seen a device or operating system that ships with a default setting that is secure. Smartphones are no exception. In fact it's worse: Usually, you as a consumer, can't really do anything about it, at least, ironically, not without jailbreaking it

[RobertJasiek]

I have never seen a device or operating system that ships with a default setting that is secure.

Which actions and methods (don't suggest filters like anti-malware tools, outbound firewalls or HIPS instead of real security) would you suggest for Android or iOS?

(For Windows I recommend thinking before acting, data separation, user accounts, user access rights, software whitelisting rules, integrity levels, (later) dynamic access control, hardening of OS and softwares, filtering / blocking executable imports from outside the PC or making them non-executable.)

[RobertJasiek]

I wondered whether go players would be different in their current iPad preference but

http://www.bizjournals.com/boston/news/ ... -soar.html

suggests a similar relation of 66% iPad and 27% Android. Reading reviews, those complaining about iPad's disadvantages identify too high price, unnecessary restrictions of functionality (file system, iTunes, not suitable outside in the sun, not up to date cameras etc.) and non-PC-standard interfaces (esp. USB). This makes it all the more surprising that the market share is that great. A good part of the same reviewers also say that they have bought an iPad despite its price. Ok, let's face the reality: The iPad is still about the only good enough tablet if one wants a lifestyle product. It will be interesting to see when the competitors will catch up.

[flOvermind]

I have never seen a device or operating system that ships with a default setting that is secure.

Which actions and methods (don't suggest filters like anti-malware tools, outbound firewalls or HIPS instead of real security) would you suggest for Android or iOS?

(For Windows I recommend thinking before acting, data separation, user accounts, user access rights, software whitelisting rules, integrity levels, (later) dynamic access control, hardening of OS and softwares, filtering / blocking executable imports from outside the PC or making them non-executable.)

Basically the same things you listed for Windows. I would also add blocking incoming network connections unless whitelisted. But there's a little caveat: You can't actually do that without root access

That was actually the point of my post: Smartphone operating systems don't let you configure these things, and unfortunately, the defaults are not very secure. With iOS devices, you don't have a chance to improve that at all. With Android, since it's running a Linux kernel, it's theoretically possible when you have root access, but it's not easy.

Personally, I'm using a Maemo device, which is a real GNU/Linux, opposed to just using the kernel. And even there I had to install a custom kernel just to get iptables support, which is necessary to do any sort of network filtering.

So to sum up: Forget it. You have no real control over the security of Android and iOS devices. For Android, it's a bit better if you jailbreak it *and* know what you're doing. Otherwise, you just have to hope there are no exploitable holes in the software (which is unrealistic), or as a next best thing, hope that all discovered holes are fixed fast enough by the vendor (which, as several incidents in the recent past have shown, is also unrealistic).

[RobertJasiek]

Which sense does have "blocking incoming network connections unless whitelisted"? Wouldn't that mean to block almost all the internet and whitelist on an ISP basis or do you mean something entirely different?

So Android security (if I have root access) is like Linux security, except that I would need to inform myself about the latter in great detail?

[flOvermind]

You only block incoming connections, answers to outgoing connections are of course always allowed.

With that, you prevent a number of possible exploits:
- There may be a security bug in the network stack of the operating system. By just rejecting all network packets that are not answers to an outgoing connection, the amount of affected code is less, thus the risk of it having a bug is reduced.
- It may happen that you forgot to turn of an unwanted service. By rejecting incoming connections, you can still not be affected by remote-exploitable bugs.
- There are many system services that listen to incoming connections and that you don't want to turn off because you are using them. Of course, there will always be security measures in place to prevent unauthorized access. But there could be a bug in these security measures. When preventing the incoming connection from the internet, these bugs can at least not be exploited remotely.

In general, blocking incoming connections is just an added layer of security. In a perfect world, where you can (a) assume that there all software you run is bug-free, and (b) you can be sure that no unwanted software is running, these measures would be unnecessary. Since this is not the case, you have to try to minimize the possible attack surface. Throwing away unwanted (and possibly malicious) network packets as early as possible makes sure they don't get in contact with much (possibly buggy) code.


To answer your question about Android:
It depends. At the network level, yes, since Android is running a Linux kernel, and the kernel is in charge of the network, this is the same. The same goes for file system security.
But there are more aspects to security than just these low level things. These things can't help against e.g. malicious web sites that exploit bugs in the browser (but of course preventing the browser from writing system files reduces the impact). That's application level security, and that depends (as always) on the application.

On Android, there is an additional layer: The Dalvik VM (similar to a Java VM). In general, that increases security because the VM can protect the system from buggy applications. So in principle, from an application security point of view, I would definitely trust Android more than iOS or Maemo. But I don't know much about the Dalvik VM, so I can't tell you how or even if you can customize that configuration to be more secure...

[RobertJasiek]

Ah, ok, the usual inbound filter. Windows does that by default in its firewall. Is there a similar default in current linux distributions and Honeycomb or are you saying that even for enabling plain ordinary inbound (packet) filtering it is necessary to have access to the root account?

Why, under Android, is denied write access to system files a matter of the browser software? Is it? Isn't it rather, I hope, like under Windows NT 6.x where ordinary programs during their regular use may not write there (except maybe during the installation)?

If you know it - is the Dalvik VM activated and running by default?

[Mef]

Just to throw in my 2 cents....when my old laptop died I decided to see if I could replace it with a tablet. I ended up getting an Android tablet and really quite like it (it also helped that I had been debating getting an e-Reader, so used this as a compromise). I've played with the iPad and iPad2, and for me personally I like the Android tablets interface better (though I would imagine that is mostly because I'm accustomed to Android widgets and the Android environment due to my phone...). For me I've been able to do just about all of my basic personal computing using the tablet (checking email, websurfing, go playing, etc). I guess you could almost look at it like the computer equivalent of a Smartcar....It's still nice to have a "full-power" PC around for some tasks, but for your basic daily commute so to speak, the tablet's a light way to take care of it.

Back to the original point of the post...while I like it and use it for things, I don't think my tablet is a huge bandwidth hog (except maybe for when I stream pandora...). Once my email and various newsreader apps update, I don't desperately need connectivity (also depending on how they measured it, it might not get counted at all, since my tablet is WiFi only, and wouldn't generate traffic on a mobile network).

[flOvermind]

This "security lecture" is getting quite off-topic, but I'll try to answer the questions anyway

Ah, ok, the usual inbound filter. Windows does that by default in its firewall. Is there a similar default in current linux distributions and Honeycomb or are you saying that even for enabling plain ordinary inbound (packet) filtering it is necessary to have access to the root account?

It really depends on the distributions. Some distributions enable it, some don't. The default setting is usually not really secure, same as on Windows. On Android, as far as I know, it is not enabled by default. There is droidwall, but it requires root access. On Linux, you generally need root access to configure that kind of thing, same as on Windows.

Why, under Android, is denied write access to system files a matter of the browser software? Is it? Isn't it rather, I hope, like under Windows NT 6.x where ordinary programs during their regular use may not write there (except maybe during the installation)?

As I said, file system security is given by the system. But for a really secure setup, that's not enough. Application software has write access to user directories. That's not as bad as writing to system directories, but it's bad enough to lose your data. I also wouldn't bet anything on the impossibility of installing trojans with write access to user directories only.

If you know it - is the Dalvik VM activated and running by default?

The Dalvik VM is an integral component of the Android system. Android apps are not native applications like ordinary Linux, Windows or iOS apps. They are in bytecode, similar to Java or .NET applications, and the Dalvik VM is dynamically recompiling them to native code.

So the Dalvik VM can not be deactivated. You get all the performance and security benefits of using a VM by default.

[Bonobo]

I lurve my iPad and enjoy the wealth of Go-related apps on it

[oren]

I just got a rooted Nook which has been a lot of fun to play go and shogi apps to play on. Japanese shogi association has a pretty cool app which I would love to see for Go. I still can't get on Tygem without using Remote Desktop to do it, but I can get on wbaduk, kgs, igs, and dgs now.

[coderboy]

In my opinion (and experience) one reason iPad enjoys such a huge market lead is the great developer toolchain. Android SDK and NDK is the single worst developer experience I have ever had, and I was really pro-android before using their SDK and NDK.

It is not something that improves with more experience either, it is simply embarrassingly bad, especially compared to iOS.
I just wish apple were more open with their platform and I think the iPad/android market ratio would be even higher.

My .02 cents.

[wms]

In my opinion (and experience) one reason iPad enjoys such a huge market lead is the great developer toolchain. Android SDK and NDK is the single worst developer experience I have ever had, and I was really pro-android before using their SDK and NDK.

It is not something that improves with more experience either, it is simply embarrassingly bad, especially compared to iOS.
I just wish apple were more open with their platform and I think the iPad/android market ratio would be even higher.

My .02 cents.

Wow. I love the Android SDK/NDK. We either have different tastes, or else I've suffered a lot of much worse development enrvironments than you.

[oren]

Wow. I love the Android SDK/NDK. We either have different tastes, or else I've suffered a lot of much worse development enrvironments than you.

I agree with this. The Android SDK/NDK was the easiest development system I had set up and get started with.