1 00:00:07,290 --> 00:00:11,610 - [Lecturer] Google actually includes security features 2 00:00:11,610 --> 00:00:14,970 and works with developers and device implementers, 3 00:00:14,970 --> 00:00:18,556 to keep the Android platform and the ecosystem 4 00:00:18,556 --> 00:00:20,350 in a safe environment. 5 00:00:20,350 --> 00:00:22,190 So and again, it's not so much 6 00:00:22,190 --> 00:00:24,470 only about the actual Android platform, 7 00:00:24,470 --> 00:00:27,810 so your mobile device or your tablet or your refrigerator, 8 00:00:27,810 --> 00:00:30,110 whatever the case is actually running Android, 9 00:00:30,110 --> 00:00:32,733 but also as far as actually ecosystem. 10 00:00:33,660 --> 00:00:35,610 How you're connecting to the app stores, 11 00:00:35,610 --> 00:00:40,070 how you interact with APIs and so on and so forth. 12 00:00:40,070 --> 00:00:41,880 Now, the beauty is that Android 13 00:00:41,880 --> 00:00:43,844 of course is designed to be open. 14 00:00:43,844 --> 00:00:45,580 One of the challenges is of course 15 00:00:45,580 --> 00:00:50,580 is a little bit less control than other alternatives, 16 00:00:51,610 --> 00:00:53,900 like of course, Apple iOS. 17 00:00:53,900 --> 00:00:57,380 Now, Google tries to maintain the Android platform 18 00:00:57,380 --> 00:01:00,240 to offer an application environment 19 00:01:00,240 --> 00:01:02,560 to help protect the confidentiality 20 00:01:02,560 --> 00:01:05,290 and of course, integrity and availability of users, 21 00:01:05,290 --> 00:01:08,280 and also of the data and the applications 22 00:01:08,280 --> 00:01:09,750 and the actual device itself, 23 00:01:09,750 --> 00:01:12,540 and as I mentioned before the ecosystem, 24 00:01:12,540 --> 00:01:13,820 so the network. 25 00:01:13,820 --> 00:01:17,990 Now, both Apple and Google have dedicated a lot of resources 26 00:01:17,990 --> 00:01:20,100 to make their mobile operating systems 27 00:01:20,100 --> 00:01:21,320 sort of, fairly secure.
28 00:01:21,320 --> 00:01:23,840 Some of the main challenges in security 29 00:01:23,840 --> 00:01:28,046 is whenever the users root their devices rather 30 00:01:28,046 --> 00:01:31,970 or jailbreak their devices and leaving them open 31 00:01:31,970 --> 00:01:36,190 to either malware or compromised applications. 32 00:01:36,190 --> 00:01:39,100 Now, the main Android platform building blocks 33 00:01:39,100 --> 00:01:41,190 are of course, the device hardware, 34 00:01:41,190 --> 00:01:43,510 that runs on terms of hardware, 35 00:01:43,510 --> 00:01:47,880 so that includes your smartphone, your tablet 36 00:01:47,880 --> 00:01:52,170 of course watches, so smart watches, cars, 37 00:01:52,170 --> 00:01:54,911 smart TVs, gaming systems, refrigerators, 38 00:01:54,911 --> 00:01:56,450 you name it. 39 00:01:56,450 --> 00:01:59,310 A lot of things actually run Android nowadays. 40 00:01:59,310 --> 00:02:04,003 Now, the other beauty is that Android is processor-agnostic, 41 00:02:05,720 --> 00:02:07,090 but it does take advantage 42 00:02:07,090 --> 00:02:10,830 of some of the hardware-specific security capabilities, 43 00:02:10,830 --> 00:02:13,740 especially in the ARM architecture. 44 00:02:13,740 --> 00:02:17,120 So, and there's actually a security capability 45 00:02:17,120 --> 00:02:19,820 called ARM eXecute-Never, 46 00:02:19,820 --> 00:02:24,360 it prevents a remote execution or arbitrary execution 47 00:02:24,360 --> 00:02:29,180 of any type of buffer overflows perhaps 48 00:02:29,180 --> 00:02:33,370 that actually can be exploited in the system. 49 00:02:33,370 --> 00:02:35,860 Now, the Android operating system of course, 50 00:02:35,860 --> 00:02:37,440 is the core operating system 51 00:02:37,440 --> 00:02:40,250 and it's actually built on top of the Linux Kernel, 52 00:02:40,250 --> 00:02:42,410 so it's all based on Linux.
53 00:02:42,410 --> 00:02:47,410 All device resources like the camera, GPS, Bluetooth, 54 00:02:48,150 --> 00:02:52,670 wifi, the telephony functions, the network connectivity, 55 00:02:52,670 --> 00:02:55,070 and you know, many more, 56 00:02:55,070 --> 00:02:57,610 are accessed via the operating system itself, 57 00:02:57,610 --> 00:03:02,610 via the core Android functionalities. 58 00:03:02,760 --> 00:03:04,090 Now, you also have of course, 59 00:03:04,090 --> 00:03:05,570 the Android application runtime, 60 00:03:05,570 --> 00:03:09,420 so, Android applications are actually most often 61 00:03:09,420 --> 00:03:11,930 written in the Java programming language 62 00:03:11,930 --> 00:03:15,660 and they actually run in the Android runtime 63 00:03:15,660 --> 00:03:18,387 and they refer to this as the ART. 64 00:03:19,470 --> 00:03:21,168 However, many applications, 65 00:03:21,168 --> 00:03:25,660 including the core Android services and other applications, 66 00:03:25,660 --> 00:03:30,650 are actually native applications or include native libraries 67 00:03:30,650 --> 00:03:32,920 within the operating system itself. 68 00:03:32,920 --> 00:03:35,010 Now, the Android applications extend 69 00:03:35,010 --> 00:03:36,940 the core Android operating system, 70 00:03:36,940 --> 00:03:39,840 and there are two primary sources for these applications, 71 00:03:39,840 --> 00:03:42,980 so the pre-installed applications that come with your device 72 00:03:42,980 --> 00:03:45,030 or the user-installed applications 73 00:03:45,030 --> 00:03:48,533 via the Google Play or any other stores, 74 00:03:48,533 --> 00:03:50,177 of course, that can be accessed 75 00:03:50,177 --> 00:03:52,340 mostly if you root the device, 76 00:03:52,340 --> 00:03:56,600 and that's the problem with security as I mentioned before.
77 00:03:56,600 --> 00:03:59,760 Now, Google provides a set of cloud based services 78 00:03:59,760 --> 00:04:03,800 that are available to different compatible Android devices 79 00:04:03,800 --> 00:04:06,010 and these services are not part 80 00:04:06,010 --> 00:04:08,600 of the Android Open Source Project itself, 81 00:04:08,600 --> 00:04:11,729 but they're included into many different Android devices, 82 00:04:11,729 --> 00:04:13,380 so, but of course, you know, 83 00:04:13,380 --> 00:04:18,111 we have the primary service for installing applications 84 00:04:18,111 --> 00:04:21,470 or the actual store, which is Google Play, 85 00:04:21,470 --> 00:04:24,684 you also have the services to actually push updates, 86 00:04:24,684 --> 00:04:27,007 which is called Android Updates, 87 00:04:27,007 --> 00:04:30,860 again, it's an update service that provides new features 88 00:04:30,860 --> 00:04:33,570 and security updates through either the web 89 00:04:33,570 --> 00:04:38,430 or through over-the-air or OTA functionality. 90 00:04:38,430 --> 00:04:42,650 So now, there's also the Application Services 91 00:04:42,650 --> 00:04:45,210 and basically it's a framework that allows 92 00:04:45,210 --> 00:04:48,360 Android applications to use cloud capabilities, 93 00:04:48,360 --> 00:04:50,954 like, backing-up your application data, 94 00:04:50,954 --> 00:04:53,170 backing-up your settings. 95 00:04:53,170 --> 00:04:57,560 And also, they have a Cloud-to-Device messaging, 96 00:04:57,560 --> 00:05:00,820 that is called C2DM that is actually used 97 00:05:00,820 --> 00:05:05,340 for pushing messaging to the cloud as well. 98 00:05:05,340 --> 00:05:08,040 They also have another service called Verify Apps 99 00:05:08,040 --> 00:05:10,380 and it basically, it can warn you, 100 00:05:10,380 --> 00:05:13,630 or automatically block the installation 101 00:05:13,630 --> 00:05:15,750 of any type of compromised applications 102 00:05:15,750 --> 00:05:18,220 or any harmful applications.
103 00:05:18,220 --> 00:05:22,170 And also, it continuously scans applications on the device, 104 00:05:22,170 --> 00:05:27,110 warning about or removing those applications automatically. 105 00:05:27,110 --> 00:05:29,530 Another service is the SafetyNet, 106 00:05:29,530 --> 00:05:31,870 so and again, I'm mentioning all this 107 00:05:31,870 --> 00:05:33,810 because whenever you do security research 108 00:05:33,810 --> 00:05:36,177 or whenever you're actually trying to do 109 00:05:36,177 --> 00:05:38,020 "mobile device pen testing" 110 00:05:38,020 --> 00:05:42,140 which by the way, is way different than let's say, 111 00:05:42,140 --> 00:05:45,010 if you're trying to actually do pen testing on wifi, 112 00:05:45,010 --> 00:05:46,710 in this case, you actually have to look 113 00:05:46,710 --> 00:05:48,310 at many different things. 114 00:05:48,310 --> 00:05:49,390 You have to look at these services 115 00:05:49,390 --> 00:05:50,760 that I'm mentioning right now, 116 00:05:50,760 --> 00:05:52,130 you have to look at the ecosystem 117 00:05:52,130 --> 00:05:55,070 and we're gonna cover that throughout the course. 118 00:05:55,070 --> 00:05:57,055 So, now going back to the services, 119 00:05:57,055 --> 00:05:58,910 the other one is SafetyNet, 120 00:05:58,910 --> 00:06:02,426 and it's basically a privacy preserving, 121 00:06:02,426 --> 00:06:05,831 well, some people call it Intrusion Detection System 122 00:06:05,831 --> 00:06:09,800 to assist Google tracking and mitigating, 123 00:06:09,800 --> 00:06:11,610 known security threats 124 00:06:11,610 --> 00:06:15,870 and also to identify other types of abnormalities, 125 00:06:15,870 --> 00:06:18,200 by far is not an Anomaly Detection System 126 00:06:18,200 --> 00:06:20,600 as you probably are familiar with, 127 00:06:20,600 --> 00:06:21,910 that's why a lot of people 128 00:06:21,910 --> 00:06:24,260 actually call it an Intrusion Detection System 129 00:06:24,260 --> 00:06:28,120 within the Android ecosystem.
130 00:06:28,120 --> 00:06:31,160 And now, part of that is actually the SafetyNet 131 00:06:31,160 --> 00:06:33,640 attestation service, 132 00:06:33,640 --> 00:06:36,800 basically allows for third-party APIs 133 00:06:36,800 --> 00:06:40,770 to determine whether the device is CTS compatible 134 00:06:40,770 --> 00:06:43,800 and also can assist identify the Android app 135 00:06:43,800 --> 00:06:46,430 communicating with the app server. 136 00:06:46,430 --> 00:06:49,560 So, whenever somebody actually creates an app that perhaps 137 00:06:49,560 --> 00:06:52,660 is communicating to the cloud, to the app server, 138 00:06:52,660 --> 00:06:53,860 let's say, I don't know, 139 00:06:54,910 --> 00:06:58,316 Uber, Lyft, OpenTable, 140 00:06:58,316 --> 00:07:01,750 whatever you actually use in your Android device, 141 00:07:01,750 --> 00:07:03,750 that's the type of SafetyNet attestation 142 00:07:04,730 --> 00:07:07,310 that in some cases actually is available 143 00:07:07,310 --> 00:07:11,460 and implementers actually take advantage of, 144 00:07:11,460 --> 00:07:14,700 to determine whether the device is actually CTS compatible 145 00:07:14,700 --> 00:07:19,700 and also allow for the security of third-party APIs. 146 00:07:21,610 --> 00:07:23,900 Now, there's also the Device Manager, 147 00:07:23,900 --> 00:07:26,210 so the Android's Device Manager 148 00:07:26,210 --> 00:07:29,580 and is a web app and also an Android app 149 00:07:29,580 --> 00:07:34,030 that is actually used to locate lost or stolen devices, 150 00:07:34,030 --> 00:07:38,210 fairly similar to what Apple has with Find My Device. 151 00:07:38,210 --> 00:07:42,550 Now, the Android security model is actually based in part 152 00:07:42,550 --> 00:07:45,360 on the concept of application sandboxes, 153 00:07:45,360 --> 00:07:49,090 and each application runs its own sandbox.
154 00:07:49,090 --> 00:07:51,780 Now, a long time ago, several years ago, 155 00:07:51,780 --> 00:07:54,960 prior to Android version 4.3, 156 00:07:54,960 --> 00:07:56,740 these sandboxes were defined 157 00:07:56,740 --> 00:08:01,520 by the creation of a unique Linux UID, 158 00:08:01,520 --> 00:08:05,270 and that UID was actually for each application 159 00:08:05,270 --> 00:08:07,130 at the time of the installation. 160 00:08:07,130 --> 00:08:09,770 Now from 4.3, so for quite some time, 161 00:08:09,770 --> 00:08:13,300 now Android actually uses SELinux, 162 00:08:13,300 --> 00:08:15,020 so the Security-Enhanced Linux. 163 00:08:15,020 --> 00:08:20,020 This is actually used for defining the boundaries 164 00:08:20,600 --> 00:08:24,420 of the application sandbox in Android. 165 00:08:24,420 --> 00:08:27,210 Now, as part of the Android security model, 166 00:08:27,210 --> 00:08:28,960 Android uses SELinux 167 00:08:28,960 --> 00:08:32,800 to enforce Mandatory Access Control, MAC, 168 00:08:32,800 --> 00:08:35,300 over all processes, 169 00:08:35,300 --> 00:08:37,910 even processes running with a root 170 00:08:37,910 --> 00:08:40,693 or super privileges or superuser privileges, 171 00:08:42,440 --> 00:08:45,183 this actually helps protect the operating system. 172 00:08:45,183 --> 00:08:48,420 Also SELinux enhances Android 173 00:08:48,420 --> 00:08:51,750 by confining privileged processes 174 00:08:51,750 --> 00:08:56,750 and automating the Security Policy creation on that device. 175 00:08:57,970 --> 00:09:02,790 Now, Android also includes SELinux in Enforcing mode 176 00:09:02,790 --> 00:09:07,250 and basically, a corresponding Security Policy 177 00:09:07,250 --> 00:09:11,510 that works by default across those devices.
178 00:09:11,510 --> 00:09:13,550 So now, in Enforcing mode, 179 00:09:13,550 --> 00:09:15,460 and this is actually something you have to keep in mind 180 00:09:15,460 --> 00:09:18,146 whenever you're actually doing security research 181 00:09:18,146 --> 00:09:20,240 in Android platforms. 182 00:09:20,240 --> 00:09:21,680 You know, in Enforcing mode, 183 00:09:21,680 --> 00:09:25,300 illegitimate actions are prevented by default 184 00:09:25,300 --> 00:09:27,420 and all attempted violations are actually logged 185 00:09:27,420 --> 00:09:31,193 by the kernel to dmesg and also logcat. 186 00:09:33,280 --> 00:09:35,226 Android device manufacturers 187 00:09:35,226 --> 00:09:38,470 should actually gather information about these errors, 188 00:09:38,470 --> 00:09:42,200 so they can actually refine their software 189 00:09:42,200 --> 00:09:46,040 and their own SELinux processes before enforcing them, 190 00:09:46,040 --> 00:09:49,920 however, unfortunately this doesn't happen all the time. 191 00:09:49,920 --> 00:09:51,240 That's one of the major differences 192 00:09:51,240 --> 00:09:54,950 between Apple iOS devices and Android. 193 00:09:54,950 --> 00:09:59,950 And again, I'm not by far an Apple fanboy in this case, 194 00:10:00,410 --> 00:10:01,410 but unfortunately, 195 00:10:01,410 --> 00:10:03,300 that's actually one of the major differences, 196 00:10:03,300 --> 00:10:06,010 is that because Android of course, 197 00:10:06,010 --> 00:10:07,450 Google provides the operating system 198 00:10:07,450 --> 00:10:10,810 but it's up to the implementers 199 00:10:10,810 --> 00:10:14,043 to actually do a few of these security implementations, 200 00:10:15,494 --> 00:10:20,494 some implementations may be more secure than others. 201 00:10:20,940 --> 00:10:24,500 Now by default, on Android only the kernel 202 00:10:24,500 --> 00:10:27,510 and a small subset of the core applications 203 00:10:27,510 --> 00:10:30,200 run with root permissions.
204 00:10:30,200 --> 00:10:32,817 Now, Android does not prevent the user 205 00:10:32,817 --> 00:10:34,880 or an application with root permissions 206 00:10:34,880 --> 00:10:37,249 from modifying the operating system, 207 00:10:37,249 --> 00:10:41,080 can also modify the kernel or any other application. 208 00:10:41,080 --> 00:10:45,020 So in general, root has full access to all applications 209 00:10:45,020 --> 00:10:46,403 and all application data. 210 00:10:47,450 --> 00:10:50,970 So that's whenever users that actually change 211 00:10:50,970 --> 00:10:53,220 their permissions on an Android device 212 00:10:53,220 --> 00:10:55,750 to grant root access to applications, 213 00:10:55,750 --> 00:10:58,830 definitely increase the security exposure 214 00:10:58,830 --> 00:11:02,310 to malicious applications and potential application flaws, 215 00:11:02,310 --> 00:11:04,210 and that's whenever you see a lot 216 00:11:04,210 --> 00:11:06,510 of impersonated applications and so on. 217 00:11:06,510 --> 00:11:10,490 So again, a lot of people that actually root their devices, 218 00:11:10,490 --> 00:11:13,120 I hate to say this but they're actually asking for it. 219 00:11:13,120 --> 00:11:16,430 Now, some implementers may actually change that. 220 00:11:16,430 --> 00:11:18,370 Another thing to actually keep in mind is that, 221 00:11:18,370 --> 00:11:21,970 whenever you're doing security research on Android devices, 222 00:11:21,970 --> 00:11:24,270 so in a lot of cases, actually a lot of people, 223 00:11:24,270 --> 00:11:25,210 actually what they do is, 224 00:11:25,210 --> 00:11:28,083 they start from just by rooting their device. 
225 00:11:29,270 --> 00:11:34,270 Now, the ability to modify an Android device that you own 226 00:11:34,880 --> 00:11:37,780 it's important to developers working with the Android platform, 227 00:11:37,780 --> 00:11:39,909 so on many Android devices, 228 00:11:39,909 --> 00:11:43,740 users actually have the capability or the ability 229 00:11:43,740 --> 00:11:48,560 to unlock the bootloader in order to allow the installation 230 00:11:48,560 --> 00:11:51,471 of some other alternate operating system, 231 00:11:51,471 --> 00:11:54,860 so some we call it custom ROMs. 232 00:11:54,860 --> 00:11:57,780 And these alternate operating systems 233 00:11:57,780 --> 00:12:01,760 may actually allow a user to actually gain root access 234 00:12:01,760 --> 00:12:05,370 for the purpose of debugging, "debugging" 235 00:12:05,370 --> 00:12:09,019 and then system components to actually access features 236 00:12:09,019 --> 00:12:11,740 that are not present to applications 237 00:12:11,740 --> 00:12:14,453 by the Android APIs by default. 238 00:12:15,360 --> 00:12:16,983 Now, let's switch a little bit, 239 00:12:16,983 --> 00:12:19,020 let's actually talk about encryption, 240 00:12:19,020 --> 00:12:22,313 and specifically, encryption at rest. 241 00:12:23,370 --> 00:12:27,442 Now, Android version 5.0 and later, 242 00:12:27,442 --> 00:12:29,370 so for quite some time, 243 00:12:29,370 --> 00:12:31,870 they actually support full-disk encryption. 244 00:12:31,870 --> 00:12:35,193 And then from Android 7.0 and later, 245 00:12:36,400 --> 00:12:38,900 it actually supports file-based encryption as well, 246 00:12:38,900 --> 00:12:42,820 and basically, file-based encryption allows different files 247 00:12:42,820 --> 00:12:46,440 of course, to be encrypted with different keys 248 00:12:46,440 --> 00:12:50,080 that can be used to be decrypted 249 00:12:51,129 --> 00:12:53,103 or unlocked independently.
250 00:12:54,070 --> 00:12:55,960 And another thing is actually about, 251 00:12:55,960 --> 00:12:57,340 another thing that I want to cover here is, 252 00:12:57,340 --> 00:12:58,640 application signing. 253 00:12:58,640 --> 00:13:00,750 So, what about application signing? 254 00:13:00,750 --> 00:13:04,270 Application signing allows developers 255 00:13:04,270 --> 00:13:07,350 to identify the author of the application, 256 00:13:07,350 --> 00:13:09,930 so to making 257 00:13:09,930 --> 00:13:11,830 that the user knows 258 00:13:11,830 --> 00:13:13,740 that the application is actually legitimate 259 00:13:13,740 --> 00:13:16,190 and to update their application 260 00:13:16,190 --> 00:13:19,650 without creating complicated interfaces or permissions. 261 00:13:19,650 --> 00:13:23,647 Now, every application that is run on the Android platform, 262 00:13:23,647 --> 00:13:26,800 by default must be signed by the developer. 263 00:13:26,800 --> 00:13:31,092 Of course, if you root it and you go to some other store, 264 00:13:31,092 --> 00:13:34,990 that's definitely very different, right? 265 00:13:34,990 --> 00:13:37,150 Now, applications that actually attempt 266 00:13:37,150 --> 00:13:39,183 to install without being signed, 267 00:13:39,183 --> 00:13:43,020 by default, again will be rejected by either Google Play 268 00:13:43,020 --> 00:13:45,840 or the package installer on the Android device. 269 00:13:45,840 --> 00:13:47,940 If you go to another store 270 00:13:47,940 --> 00:13:49,320 and if you actually root the device, 271 00:13:49,320 --> 00:13:51,453 then that's completely different again. 
272 00:13:52,300 --> 00:13:53,310 Now on Google Play, 273 00:13:53,310 --> 00:13:55,820 developers know their application 274 00:13:55,820 --> 00:14:00,490 it's actually provided by them or modified 275 00:14:00,490 --> 00:14:03,510 and that the Android device and the developers 276 00:14:03,510 --> 00:14:05,410 actually can be held accountable 277 00:14:05,410 --> 00:14:07,670 for the behavior of their application. 278 00:14:07,670 --> 00:14:10,993 But of course, if it's modified, then all bets are off. 279 00:14:12,040 --> 00:14:15,020 Now, on Android application signing is the first step 280 00:14:15,020 --> 00:14:19,510 to placing an application in its application sandbox. 281 00:14:19,510 --> 00:14:23,540 The signed application certificates define which user ID 282 00:14:23,540 --> 00:14:27,230 is actually associated with which applications 283 00:14:27,230 --> 00:14:28,960 and then, different applications 284 00:14:28,960 --> 00:14:31,690 run under different user IDs. 285 00:14:31,690 --> 00:14:33,520 Now, application signing ensures 286 00:14:33,520 --> 00:14:37,120 that one application cannot access another application 287 00:14:37,120 --> 00:14:40,213 except through a well-defined IPC. 288 00:14:41,150 --> 00:14:43,983 Now, when an application or APK files, 289 00:14:43,983 --> 00:14:47,150 basically, applications are APK files, 290 00:14:47,150 --> 00:14:50,200 whenever these are installed on an Android device, 291 00:14:50,200 --> 00:14:54,710 the PackageManager is the entity that actually verifies 292 00:14:54,710 --> 00:14:57,102 that the APK has been properly signed 293 00:14:57,102 --> 00:15:01,170 and with the certificate included in the APK.
294 00:15:01,170 --> 00:15:03,960 If the certificate or more accurately, 295 00:15:03,960 --> 00:15:08,030 the actual public key certificate matches the key 296 00:15:08,030 --> 00:15:11,640 that is actually used to sign any other APK on the device, 297 00:15:11,640 --> 00:15:16,480 the new APK actually has the option to specify the manifest 298 00:15:16,480 --> 00:15:18,750 that it will actually share a user ID 299 00:15:18,750 --> 00:15:23,670 with other similarly signed APKs. 300 00:15:23,670 --> 00:15:28,307 Now, applications can be signed by third-party OEMs 301 00:15:30,290 --> 00:15:33,510 or any other type of marketplaces. 302 00:15:33,510 --> 00:15:35,220 In a lot of cases actually, 303 00:15:35,220 --> 00:15:39,070 some enterprises may actually have their own apps, 304 00:15:39,070 --> 00:15:39,990 so they have a different market. 305 00:15:39,990 --> 00:15:43,416 So, it's not only because a device actually has to be rooted 306 00:15:43,416 --> 00:15:46,600 and you want to get a free game from some other market, 307 00:15:46,600 --> 00:15:51,010 but in some cases actually are some legitimate stores 308 00:15:52,070 --> 00:15:53,840 or alternate markets 309 00:15:53,840 --> 00:15:56,710 that applications actually need to be signed, 310 00:15:56,710 --> 00:15:59,190 and those are actually signed with a third-party 311 00:15:59,190 --> 00:16:01,573 or self-signed certificate. 312 00:16:02,530 --> 00:16:04,700 Now, applications do not have to be signed 313 00:16:04,700 --> 00:16:06,450 by a Central Authority, 314 00:16:06,450 --> 00:16:09,420 and Android currently does not perform 315 00:16:09,420 --> 00:16:12,150 any Certificate Authority verification 316 00:16:12,150 --> 00:16:14,370 for application certificates. 
317 00:16:14,370 --> 00:16:18,310 And that can be actually huge in the case of security 318 00:16:18,310 --> 00:16:21,180 because it may actually lead to security problems, 319 00:16:21,180 --> 00:16:25,380 if you actually don't verify the CA verification. 320 00:16:25,380 --> 00:16:28,220 Of course, it's a little bit different to scale 321 00:16:28,220 --> 00:16:30,150 whenever you provide the operating system 322 00:16:30,150 --> 00:16:32,920 and you have many, many different implementers 323 00:16:32,920 --> 00:16:35,740 in comparison to, let's say, Apple, 324 00:16:35,740 --> 00:16:37,729 that they actually control all the devices 325 00:16:37,729 --> 00:16:42,729 and it's not like Apple iOS is running in other vendors, 326 00:16:43,890 --> 00:16:45,493 in other vendors' hardware.