- Save 10% on selected children’s books, compliments of Amazon Family Promotion exclusive for Prime members .
Android Hacker's Handbook Paperback – 18 Apr 2014
|New from||Used from|
- Choose from over 13,000 locations across the UK
- Prime members get unlimited deliveries at no additional cost
- Find your preferred location and add it to your address book
- Dispatch to this address when you check out
Special offers and product promotions
Frequently bought together
Customers who bought this item also bought
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
If you are a seller for this product, would you like to suggest updates through seller support?
From the Back Cover
A complete guide to securing the Android operating system
The Android Hacker s Handbook provides network security professionals and mobile device administrators with the specifics of the Android operating system from a security standpoint. This book explains how the operating system works, security risks associated with it, and the overall security architecture of the operating system. It also explains how vulnerabilities can be found in, and exploits developed for, various components of the system.
Written by some of the world s foremost Android security researchers, the Android Hacker s Handbook is the only resource of its kind to explore Android security on this level. This essential guide includes both implementation details as well as complexities introduced by the open nature of the OS.
- Become familiar with security implementation details, as well as complexities introduced by the open nature of the Android OS
- Avoid common security pitfalls and stay ahead of the latest smartphone hacking strategies
- Review the various types of attacks that have been successful against the Android OS
- Explore rooting and gain an understanding of the partition layout, boot process
- Understand the complex nature of the Android ecosystem, including the impact of various hardware vendors and software developers
About the Author
JOSHUA J. DRAKE is a Director of Research Science at Accuvant LABS.
PAU OLIVA FORA is a Mobile Security Engineer with viaForensics.
ZACH LANIER is a Senior Security Researcher at Duo Security.
COLLIN MULLINER is a postdoctoral researcher at Northeastern University.
STEPHEN A. RIDLEY is a Principal Researcher with Xipiter.
GEORG WICHERSKI is a Senior Security Researcher with CrowdStrike.
What other items do customers buy after viewing this item?
Top customer reviews
It has taken me a while to skim through this thick tome, enough to appreciate the depth of knowledge on show here from the collection of contributors. I have a technical background in these matters, having built several different computers from scratch from as long ago as 1980 when one had to design and make the circuits and write the operating system and tools. So I recognised the words and syntax and in most cases what was being discussed, and I know enough Unix and system languages to fully understand the reasoning and techniques.
However it is still beyond my ability level (old age?) to be able to actually use it effectively in the manner intended by the authors, and there are just too many software tools to learn which one needs to be able explore more deeply the methods and analyse the results. The topic is just too big! It would be a full-time occupation to use this book to the best advantage; which points to the most likely reader being a student or developer, both of whom will find it invaluable.
If one was already an expert, then it might well fill in some knowledge gaps that lack of time in a fast moving playing-field has prevented one from keeping up with, but I expect most of them will be familiar with all the techniques. However these same busy experts will be able to point to a section when asked the question and say, "It's in there, use your own brain, now let me get back to my work."
The book is highly technical but progresses logically and systematically from the opening chapter's consideration of the Android ecosystem with particular emphasis on the security implications arising from implementation fragmentation and compatibility issues, through specific features of Android design and functionality and the vulnerabilities arising therefrom, and finally wrapping everything up with an exposition of the possibilities arising from direct access to Android devices' hardware components to further research device vulnerabilities. Along the way, individual chapters concentrate on subjects which include:
* Android security deign and architecture, including a look at its various logical layers
* rooting the device, including an overview of root exploits that have been used in the past
* application security issues including an overview of the common security issues affecting Android apps, with worked case studies which show how to identify security-pertinent components and then exploit them to compromise data security
* Android's overall attack surface, looking at all of the ways that Android devices can be attacked and how to identify exposed endpoints on an Android device
* fuzz testing, providing an introduction to fuzzing and moving to an exploration of high level process fuzzing including identifying targets, creating and processing test inputs, together with a full explanation of the challenges involved and the benefits that can be gained
* analysing vulnerabilities, showing how to find the root cause of these and judging their exploitability
* exploiting user space, including an exploration of how to develop an exploit that utilises user space memory corruption
* exploring the potential of return oriented programming for achieving arbitrary native code operation
* mounting kernel attacks by exploiting the monolithic design, distribution model, configuration and consequential vast exposed attack surface that the kernel presents
* an explanation of Android's radio interface layer, providing an understanding of the Android telephony stack, which allows monitoring of the communications between that layer and the manufacturer's modem which interfaces Android to cellular hardware
* an exposition of the various exploit mitigations which mark progress in the arms race between attacker and defender and providing a full summary of the various hardening measures that can be implemented.
The good thing about the book is that while each section flows naturally from the preceding one, each is also sufficiently complete and self-contained that the book can be dipped into and mined for information and assistance with specific topics without the need to work through all of the details of earlier chapters. The book is exemplary in the clarity of the writing as well as the comprehensiveness of the material it covers: those with the background knowledge necessary to understand the basic subject matter should find that they will learn a lot very quickly from this book.
As you have no doubt gathered by now, the book is not for the faint-hearted or for the novice reader. It assumes considerable knowledge of network systems security issues, as well as a sound working knowledge of Ubuntu and a familiarity with the Android Open Source Project. In places, it also expects a certain degree of comfort with assembly language programming. The book is very hands-on in its approach and consequently assumes the reader has ready access to an Android device (preferably from the Google Nexus family), an Ubuntu 12.04 development machine and copies of the Android Software Developers Kit and the Android Native Development Kit.
All in all, this book is an excellent tool in the on-going war against cyber exploits in the mobile domain and should be on the required reading list of all mobile security professionals, as well as each and every Android application developer. You can be pretty sure the bad guys will be queuing up to get their hands on it and will be devouring every piece of information within it!
The bad boys are the manufacturers and networks, both of whom add a layer of alteration to the pristine Android supplied by Google and customize it, maybe introduce bugs and security issues, and then perhaps don't even release any update.
It is thus surprising that Android is so good. Despite the above shortcomings it is rapidly becoming the Number One mobile OS in all countries, even the USA. One consequence of having so many OEMs and versions is that any exploit that works on one phone will have little chance of working on many others, as is made clear in this book.
If you always wondered what an unlocked bootloader was, what happens when you root a phone, or why you do it one way for one phone and another way for another, and what first rate security layers are already in your phone then this is for you. It isn't light reading, but then, did you expect it to be?
Would you like to see more reviews about this item?
Most recent customer reviews
I rooted my new phone soon after
Neither is a beginners guide to making your Android Apps secure.Read more
Look for similar items by category