Ice Cream - Sudo Make Me a Sandwich

Explore a highly technical overview of ingenious new attacks on Android 4.0+ devices in this 41-minute conference talk from LASCON. Delve into Android's device protection mechanisms and learn how they can be circumvented or unintentionally undermined by device manufacturers. Examine the impact of carrier and manufacturer modifications to the Android Open Source Project (AOSP), including access to device memory, exploitable root processes, and APKs that leak protected information. Investigate /boot and /recovery differences between OEMs, signature check procedures, and tools for identifying potential security flaws in new devices. Focus on mistakes and misconfigurations in customized builds and additional features rather than exploiting the AOSP itself.