Tim Donaworth, Author at Security Musings

Android Security and The Tools I Use – JEB

Posted onMay 16, 2013 by Tim Donaworth

There are quite a few tools readily known to the Android reversing community. The primary one is most likely smali/baksmali. It’s an open source tool which will decompile/compile an android dex format which is used by dalvik the native Android VM, into a format known as smali, which is very similar to an assembly language. A lot of people even like dex2jar, which further enhances the experience and takes a broken down apk, and pulls out the compiled dex classes. With dex2jar you can further that and attempt to get some readable jar files. If you wanted to make it even simpler you continue with that jar and use something like JD-GUI to read those jars back into native java code and be off running. For the lazy, there’s also the apktool which does most of the above for you in a simple one-stop-shop.

These are all great tools, but what else is out there? That’s what I’ll be covering in the next few articles. Today I’d like to point your attention to JEB (http://java-decompiler.com). I discovered this back in February when it made its first public release. At the time, I was knee deep in doing Android Application Security Assessments as part of our IPA process. I was still primarily using the tools mentioned above, so it was nice not only to find something different (it doesn’t use the open source smali as the decompiler), and it’s a nice all-in-one solution for exploring the code, as well as analyzing it.

How not to secure your mobile phone.

Posted onMarch 22, 2012 by Tim Donaworth

The following events are based on actual facts and actual events. Names have been changed to protect the oblivious. I would like to start off by stating that I take no pity on the individual this story is about. I refer to them as oblivious because to do what they did simply can’t be categorized in any other way. Let’s back up a week. I’ve been in need of another Android device to do some tinkering with, have a backup for my daily driver, and to have something that my son can play with and not fear total destruction (again of the daily driver). After checking with friends and co-workers if they had any spares – they didn’t – I[…]

Poor Promotional Practices

Posted onDecember 16, 2011 by Tim Donaworth

Sometimes emails aren’t always what they seem. Sometimes they promise great things. Sometimes they follow through with these, but most times they do not. Read on for an example of what not to do in promotional emails and learn how you can further protect yourself from email fraud.

Removing Trusted Certificates from Android

Posted onSeptember 15, 2011 by Tim Donaworth

In light of all the discussions about maintaining a secure posture on trusted certificates we often times forget about the little guys. In this case I’m talking about our mobile devices. We tend to forget that these devices are just as vulnerable as our desktop/laptops. Unfortunately it’s not always easy to manage the certificates on these devices. But if you own an Android device and would like to take a little more control over what your device is trusting read on to find out how you can do it.

OpenVPN on Android

Posted onMay 12, 2011 by Tim Donaworth

OpenVPN isn’t anything new. But today I finally overcame a hurdle I had with trying to connect to our company VPN via my Android device. The OpenVPN for android project isn’t anything new; it’s actually been in the works since late 2009 if you follow it all the way back through a couple forks. The main issue that was holding me up wasn’t anything to do with Android-OpenVPN port itself. It was simply to do with the Android device I was using (thanks Samsung for crapping on us with the Galaxy S devices). A recent ROM update finally put the final pieces I needed into motion for being able to utilize OpenVPN. The main holdback was the lack of tun[…]

Android Improving Platform Fragmentation

Posted onApril 1, 2011 by Tim Donaworth

A little bird was heard saying that Google is finally taking a stance to try and reduce the amount of fragmentation its platform has suffered. We had a couple people at CTIA last week — people whose words carry weight — tell us off the record that the next major version of Android would take big strides toward stopping the ugly trend toward severe fragmentation that has plagued the platform for much of this and last year. You know, the kind of fragmentation that has already left users running not one, not two, not three, but four distinct versions of the little green guy (1.5, 1.6, 2.0, and 2.1) depending on a seemingly arbitrary formula of hardware, carrier, region, software[…]