Android Hacker's Handbook (Anglais) Broché – 18 avril 2014
|Neuf à partir de||Occasion à partir de|
Produits fréquemment achetés ensemble
Les clients ayant acheté cet article ont également acheté
Descriptions du produit
Présentation de l'éditeur
The first comprehensive guide to discovering and preventing attacks on the Android OS
As the Android operating system continues to increase its share of the smartphone market, smartphone hacking remains a growing threat. Written by experts who rank among the world′s foremost Android security researchers, this book presents vulnerability discovery, analysis, and exploitation tools for the good guys. Following a detailed explanation of how the Android OS works and its overall security architecture, the authors examine how vulnerabilities can be discovered and exploits developed for various system components, preparing you to defend against them.
If you are a mobile device administrator, security researcher, Android app developer, or consultant responsible for evaluating Android security, you will find this guide is essential to your toolbox.
- A crack team of leading Android security researchers explain Android security risks, security design and architecture, rooting, fuzz testing, and vulnerability analysis
- Covers Android application building blocks and security as well as debugging and auditing Android apps
- Prepares mobile device administrators, security researchers, Android app developers, and security consultants to defend Android systems against attack
Quatrième de couverture
A complete guide to securing the Android operating system
The Android Hacker s Handbook provides network security professionals and mobile device administrators with the specifics of the Android operating system from a security standpoint. This book explains how the operating system works, security risks associated with it, and the overall security architecture of the operating system. It also explains how vulnerabilities can be found in, and exploits developed for, various components of the system.
Written by some of the world s foremost Android security researchers, the Android Hacker s Handbook is the only resource of its kind to explore Android security on this level. This essential guide includes both implementation details as well as complexities introduced by the open nature of the OS.
- Become familiar with security implementation details, as well as complexities introduced by the open nature of the Android OS
- Avoid common security pitfalls and stay ahead of the latest smartphone hacking strategies
- Review the various types of attacks that have been successful against the Android OS
- Explore rooting and gain an understanding of the partition layout, boot process
- Understand the complex nature of the Android ecosystem, including the impact of various hardware vendors and software developers
Aucun appareil Kindle n'est requis. Téléchargez l'une des applis Kindle gratuites et commencez à lire les livres Kindle sur votre smartphone, tablette ou ordinateur.
Pour obtenir l'appli gratuite, saisissez votre adresse e-mail ou numéro de téléphone mobile.
Détails sur le produit
En savoir plus sur les auteursDécouvrez des livres, informez-vous sur les écrivains, lisez des blogs d'auteurs et bien plus encore.
Dans ce livre(En savoir plus)
Quels sont les autres articles que les clients achètent après avoir regardé cet article?
Commentaires en ligne
Meilleurs commentaires des clients
Pour les anglophones. Un livre assez pointu pour les non connaisseurs des systèmes et de la programmation sous Unix/Linux et Java, mais accessible à tout curieux de ce monde ouvert et/ou à tout curieux de ce que fait son portable android, et comment mieux le gérer.
A conseiller à tout curieux (anglophone) de ce qu'est une machine Android et comment l'atteindre au cœur.
Ouvrage récent ( couvrant jusqu'à Android 4.4.2 )
Commentaires client les plus utiles sur Amazon.com (beta)
After reading through each chapter, you'll feel like you've gained a huge knowledge base, which you could immediately apply in real-life scenario. I personally liked 4 chapters out of the total 13 the most - Debugging and Analysing Vulnerabilities (Chap7), User Space (Chap 8) Exploitation, ROP(Chap9) and Attacking RIL (Chap 11) .
Almost all of the concepts are explained along with the real code sample, which will help you when you try it out on your device. A perfect 5 for this book coming from the experts in Android Security.
The book is highly technical but progresses logically and systematically from the opening chapter's consideration of the Android ecosystem with particular emphasis on the security implications arising from implementation fragmentation and compatibility issues, through specific features of Android design and functionality and the vulnerabilities arising therefrom, and finally wrapping everything up with an exposition of the possibilities arising from direct access to Android devices' hardware components to further research device vulnerabilities. Along the way, individual chapters concentrate on subjects which include:
* Android security deign and architecture, including a look at its various logical layers
* rooting the device, including an overview of root exploits that have been used in the past
* application security issues including an overview of the common security issues affecting Android apps, with worked case studies which show how to identify security-pertinent components and then exploit them to compromise data security
* Android's overall attack surface, looking at all of the ways that Android devices can be attacked and how to identify exposed endpoints on an Android device
* fuzz testing, providing an introduction to fuzzing and moving to an exploration of high level process fuzzing including identifying targets, creating and processing test inputs, together with a full explanation of the challenges involved and the benefits that can be gained
* analysing vulnerabilities, showing how to find the root cause of these and judging their exploitability
* exploiting user space, including an exploration of how to develop an exploit that utilises user space memory corruption
* exploring the potential of return oriented programming for achieving arbitrary native code operation
* mounting kernel attacks by exploiting the monolithic design, distribution model, configuration and consequential vast exposed attack surface that the kernel presents
* an explanation of Android's radio interface layer, providing an understanding of the Android telephony stack, which allows monitoring of the communications between that layer and the manufacturer's modem which interfaces Android to cellular hardware
* an exposition of the various exploit mitigations which mark progress in the arms race between attacker and defender and providing a full summary of the various hardening measures that can be implemented.
The good thing about the book is that while each section flows naturally from the preceding one, each is also sufficiently complete and self-contained that the book can be dipped into and mined for information and assistance with specific topics without the need to work through all of the details of earlier chapters. The book is exemplary in the clarity of the writing as well as the comprehensiveness of the material it covers: those with the background knowledge necessary to understand the basic subject matter should find that they will learn a lot very quickly from this book.
As you have no doubt gathered by now, the book is not for the faint-hearted or for the novice reader. It assumes considerable knowledge of network systems security issues, as well as a sound working knowledge of Ubuntu and a familiarity with the Android Open Source Project. In places, it also expects a certain degree of comfort with assembly language programming. The book is very hands-on in its approach and consequently assumes the reader has ready access to an Android device (preferably from the Google Nexus family), an Ubuntu 12.04 development machine and copies of the Android Software Developers Kit and the Android Native Development Kit.
All in all, this book is an excellent tool in the on-going war against cyber exploits in the mobile domain and should be on the required reading list of all mobile security professionals, as well as each and every Android application developer. You can be pretty sure the bad guys will be queuing up to get their hands on it and will be devouring every piece of information within it!