Explore the security vulnerabilities introduced by OEM modifications to Android devices in this eye-opening conference talk from Security BSides London. Delve into the challenges faced by Google in improving Android security, including the implementation of SELinux and monthly security patches. Discover why these efforts may not be sufficient due to the actions of Original Equipment Manufacturers (OEMs). Learn about multiple zero-day vulnerabilities, including remotely exploitable ones, that affect hundreds of millions of Android devices worldwide as a result of OEM customizations. Witness live demonstrations of vulnerability exploitation and gain insights into the potential risks associated with OEM modifications to the Android operating system. Understand the complex landscape of Android security and the ongoing struggle to balance device customization with robust security measures.
Overview
Syllabus
OEMs Considered Harmful: Hello New 0Days! - Adam Donenfeld
Taught by
Security BSides London