Smartphones are being used as the preferred device for as many things as possible in today's world. This is why having secure phones that are resilient against attacks targeting their users’ data, becomes more and more important. This paper tries to assess what measures device vendors have taken to ensure those attacks will not be successful.
Because the market is mostly divided between Google’s Android and Apple's iOS, we put our focus on those two operating systems and compare their respective security models. Additionally this comparison will be evaluating how those models have changed over time since the beginning of the smartphone era around 2010.
The last part of this analysis will take a look at a different view on smartphones, the perspective of so-called "power users": Those are people that do not only use their smartphone for downloading some apps and surfing the Internet but rather want to do some lower-level customization to the operating system, by rooting their Android device or jailbreaking their iPhone.
This process of gaining full privileges on the phone not only creates advantages for the user but can also have rather negative implications on the device's security. How exactly does this affect the protections implemented by the vendor?
Table of Contents
I. INTRODUCTION
II. FIRST VERSIONS: BEFORE 2010
A. iPhone OS (before 4.x)
B. Android (before 3.x)
C. Comparison
III. CURRENT VERSIONS
A. iOS 11
1) System Security
2) App Security
3) Peripheral Security
B. Android 8
1) System Security
2) Google Play Protect
3) Security Updates
4) Privacy
C. Outlook: Android P
D. Comparison
IV. EFFECTS OF SYSTEM LEVEL CUSTOMIZATIONS ON SECURITY FEATURES
A. iOS: Jailbreaking
B. Android
1) Rooting
2) Root Detection
V. CONCLUSION
Objectives & Research Topics
This paper assesses the evolving security architectures of Android and iOS, specifically examining how these platforms have adapted to mitigate threats since 2010. Furthermore, it investigates the security implications of system-level modifications, such as jailbreaking and rooting, from a "power user" perspective.
- Comparative analysis of iOS and Android security models.
- Evolution of platform protections from early versions to current releases.
- Impact of system-level privileges on device integrity and security.
- Evaluation of platform-specific mechanisms like Secure Enclave, Verified Boot, and SafetyNet.
- The trade-off between user customization and system security.
Excerpt from the Book
B. Android (before 3.x)
While iOS is under Apple’s control as much as somehow possible, Google’s Android sets its focus on being an open system (e.g. by the firmware being open source). One critical aspect of this strategy is that Android users can easily install apps from 3rd party sources, not only from the official Play Store (or Android Market, as it was called in early days). This and the problem that Android apps, being programmed in Java, are relatively easy to decompile and modify, opens possibilities to distribute ”cracked” versions of popular paid apps or even versions injected with malware code, to credulous users. Additionally app signing on Android is fundamentally different to Apple’s approach (see Fig. 2): While iOS apps are signed by Apple after being scanned for compliant behavior, Android apps are signed by the developers themselves using self-generated keys. So generally there is no real way of knowing who created an app, unless of course the developers have published their public key on a trusted server. But this would require additional engagement of both the developers and the users. The only way Android’s app signing prevents manipulation is when a user already has an older version of the app installed on their phone and a third party tries to present the user with an update to this app which actually contains malicious code. When trying to install this ”update”, the OS notices that the installed version has not been signed with the same private key as this forged version and aborts the update process. But chances are high that the user would just think that maybe this is a bug in Android and uninstall the old version before trying to use the one presented by the attacker. The result of all this is that while apps uploaded to the official store are being analyzed by Google and can thus be trusted for the most part, when using other sources, users have to be aware of the risk of potentially installing malicous apps.
Summary of Chapters
I. INTRODUCTION: Outlines the dominance of the smartphone duopoly (Android and iOS) and introduces the paper’s focus on comparing their security models and the impacts of root access.
II. FIRST VERSIONS: BEFORE 2010: Examines early security foundations, including Apple’s hardware-based chain of trust and Android’s focus on openness and sandbox-based process isolation.
III. CURRENT VERSIONS: Details modern security enhancements like the Secure Enclave on iOS and Google's SafetyNet framework and Project Treble on Android.
IV. EFFECTS OF SYSTEM LEVEL CUSTOMIZATIONS ON SECURITY FEATURES: Analyzes the security trade-offs for users performing jailbreaking on iOS or rooting on Android, highlighting the resulting loss of integrity guarantees.
V. CONCLUSION: Synthesizes findings, noting that while iOS remains a tightly controlled, secure ecosystem, Android has significantly improved, offering a viable security balance for power users.
Keywords
Android, iOS, Smartphone Security, Jailbreaking, Rooting, Secure Enclave, SafetyNet, Cryptographic Keys, Malware, App Sandbox, System Integrity, Firmware Signing, Trusted Execution Environment, Mobile Security, Access Control
Frequently Asked Questions
What is the core focus of this publication?
The paper focuses on comparing the security architectures of Google's Android and Apple's iOS, assessing their evolution over time and the implications of user-driven system modifications.
What are the central thematic areas?
The main themes include hardware-backed security, application sandboxing, firmware integrity, the impact of third-party app installations, and the security consequences of rooting or jailbreaking.
What is the primary research question?
The paper seeks to assess the security measures implemented by vendors to protect users and how those protections are affected when "power users" gain full privileges via root or jailbreak exploits.
Which scientific methods are employed?
The author uses a comparative analysis method, evaluating architectural specifications, security frameworks, and industry trends to contrast the two dominant mobile operating systems.
What is covered in the main body of the work?
The body covers early and current security features of both platforms, including boot processes, file system encryption, and privacy controls, followed by a study of how system-level overrides impact these defenses.
Which keywords best characterize this work?
Key terms include Mobile Security, Android, iOS, Jailbreaking, Rooting, Secure Enclave, and System Integrity.
How does Apple's "Secure Enclave" differ from previous security measures?
The Secure Enclave is a dedicated hardware element that stores cryptographic keys and performs sensitive operations, such as passcode management, independent of the main processor, preventing even the OS kernel from accessing raw key material.
How does "Project Treble" change Android security updates?
Project Treble separates the Android OS framework from the vendor-specific hardware implementation, theoretically allowing for faster security updates that are independent of specific device chipsets.
What makes "SafetyNet" a controversial security tool?
SafetyNet aims to attest the device's trustworthiness to apps, but it has sparked a "cat-and-mouse" game where developers try to hide system modifications from Google's profiling methods to retain app functionality.
- Citar trabajo
- Samuel Hopstock (Autor), 2018, Differences Between the Security Models of Android and iOS, Múnich, GRIN Verlag, https://www.grin.com/document/491309
