Picture of smart phone in human hand

World leading smartphone and mobile technology research at Strathclyde...

The Strathprints institutional repository is a digital archive of University of Strathclyde's Open Access research outputs. Strathprints provides access to thousands of Open Access research papers by University of Strathclyde researchers, including by Strathclyde researchers from the Department of Computer & Information Sciences involved in researching exciting new applications for mobile and smartphone technology. But the transformative application of mobile technologies is also the focus of research within disciplines as diverse as Electronic & Electrical Engineering, Marketing, Human Resource Management and Biomedical Enginering, among others.

Explore Strathclyde's Open Access research on smartphone technology now...

Practical attacks on security and privacy through a low-cost Android device

Paul, Greig and Irvine, James (2016) Practical attacks on security and privacy through a low-cost Android device. Journal of Cyber Security and Mobility, 4 (2). pp. 33-52. ISSN 2245-4578

[img]
Preview
Text (Paul-Irvine-JOCSAM2015-practical-attacks-on-security-and-privacy-through-a-low-cost-android-device)
Practical_Attacks_on_Security_and_Privacy_Through_a_Low_Cost_Android_Device.pdf - Accepted Author Manuscript

Download (168kB) | Preview

Abstract

As adoption of smartphones and tablets increases, and budget device offerings become increasingly affordable, the vision of bringing universal connectivity to the developing world is becoming more and more viable. Nonetheless, it is important to consider the diverse use-cases for smartphones and tablets today, particularly where a user may only have access to a single connected device. In many regions, banking and other important services can be accessed from mobile connected devices, expanding the reach of these services. This paper highlights the practical risks of one such lowcost computing device, highlighting the ease with which a very recent (manufacturered September 2015) Android-based internet tablet, designed for the developing world, can be completely compromised by an attacker. The weaknesses identified allow an attacker to gain full root access and persistent malicious code execution capabilities. We consider the implications of these attacks, and the ease with which these attacks may be carried out, and highlight the difficulty in effectively mitigating these weaknesses as a user, even on a recently manufactured device.