Thursday, February 2, 2012

[Android技術公報]談談Android的安全性

撰寫時間︰2012/02/03 11:40
更新時間︰2012/02/03 15:25
文章更新次數︰1


今天Android 技術公報中,
Android 副總裁Hiroshi Lockheimer寫了一篇關於「Android與安全」的文章在他的Google+中。


Android and Security Thursday, February 2, 2012 | 12:03 PM By Hiroshi Lockheimer, VP of Engineering, Android The last year has been a phenomenal one for the Android ecosystem. Device activations grew 250% year-on-year, and the total number of app downloads from Android Market topped 11 billion. As the platform continues to grow, we’re focused on bringing you the best new features and innovations - including in security. 
去年度是Android生態系統非凡的一年,
裝置啟用率一年一年的成長了250%,
Android市集的App總下載次數又達到了110億次,
隨著裝置持續的成長,
我們也將焦點放在一個最新的功能和革新上,
那就是-Android的安全性問題。

Adding a new layer to Android security
新增了一層防護到Android安全中

Today we’re revealing a service we’ve developed, codenamed Bouncer, which provides automated scanning of Android Market for potentially malicious software without disrupting the user experience of Android Market or requiring developers to go through an application approval process.
我們持續不斷的跟大眾告知我們開發了一個代號叫"Bouncer(保鑣)"服務,
這個服務會在不影響使用者體驗下,
自動掃描在Android Market中潛在的惡意程式,
並要求開發者通過該軟體的審核流程。

The service performs a set of analyses on new applications, applications already in Android Market, and developer accounts. Here’s how it works: once an application is uploaded, the service immediately starts analyzing it for known malware, spyware and trojans. It also looks for behaviors that indicate an application might be misbehaving, and compares it against previously analyzed apps to detect possible red flags. We actually run every application on Google’s cloud infrastructure and simulate how it will run on an Android device to look for hidden, malicious behavior. We also analyze new developer accounts to help prevent malicious and repeat-offending developers from coming back.
"Bouncer(保鑣)"服務對新上傳的App或已在Android市集上的App、
甚至是開發者帳戶底下的App執行了數種分析,
它的運作方式是︰
一旦App經上傳,
"保鑣"服務就會立刻對此App針測是否含惡意、間諜或木馬程式,
也順便檢測並能夠指出程式中不應該要有的行為,
並跟前一版App做比較,
找出程式中可能隱含的"紅燈區",
我們已實際在Google雲端對每一隻App執行此動作,
並且去實際模擬這些惡意程式如果在裝置上會如何運作、隱藏、或會產生怎樣的惡意行為。
我們也對開發者帳戶做分析,
防止惡意且累犯的開發者回到Android生態中。

Android malware downloads are decreasing
Android的惡意程式下載量已逐步減少

The service has been looking for malicious apps in Market for a while now, and between the first and second halves of 2011, we saw a 40% decrease in the number of potentially-malicious downloads from Android Market. This drop occurred at the same time that companies who market and sell anti-malware and security software have been reporting that malicious applications are on the rise. While it’s not possible to prevent bad people from building malware, the most important measurement is whether those bad applications are being installed from Android Market - and we know the rate is declining significantly.
"保鑣"服務已經在Market上運行一段時間了,
從2011年第1季至2季中旬,
我們看到在Android Market的潛在惡意程式下載量已經減少了40%。
那些防止惡意軟體的防護公司所銷售的安全防護軟體也是功臣之一。
雖說這無法防止那些壞蛋又做出惡意程式,
但是惡意軟體的比率已有顯著的減少卻是真的事實。

Android makes malware less potent Android
讓惡意軟體大量降低

In addition to using new services to help prevent malware, we designed Android from the beginning to make mobile malware less disruptive. In the PC model, malware has more potential to misuse your information. We learned from this approach, designing Android for Internet-connected devices. Some of Android’s core security features are:
為了讓保鑣能有效預防惡意軟體,
我們在Android當初在設計時,
就已經做了阻斷惡意軟體侵蝕的架構了,
在pc模式中,
惡意軟體會在潛在的狀況下使用你的個人資料,
我們依照此方式,
將Android設計成需要網路連線的裝置,
Android也因而有底下幾個安全核心功能在其中︰

Sandboxing: The Android platform uses a technique called “sandboxing” to put virtual walls between applications and other software on the device. So, if you download a malicious application, it can't access data on other parts of your phone and its potential harm is drastically limited.
沙盒︰
Android平臺使用"沙盒"技術,
放置一個虛擬牆到軟體和其它軟體之間,
如果你下載了惡意程式,
它是無法存取你的手機的其它位置的資料的,
因此這種潛在攻擊會招到限制。

Permissions: Android provides a permission system to help you understand the capabilities of the apps you install, and manage your own preferences. That way, if you see a game unnecessarily requests permission to send SMS, for example, you don’t need to install it.
權限的認可︰
Android提供了權限認可系統幫你了解你現在要安裝的App需要哪些能力,
你能自我管理。
因此,
如果你看到一款你正要安裝的遊戲,
跟你要求一個完全不相干的權限,
像︰發送簡訊,
那麼,你就不要去安裝它。

Malware removal: Android is designed to prevent malware from modifying the platform or hiding from you, so it can be easily removed if your device is affected. Android Market also has the capability of remotely removing malware from your phone or tablet, if required. 
移除惡意軟體︰
因為Android的設計是能讓你能自由的修改或隱藏App,
因此如果你的裝置受到攻擊,
你都能很輕鬆的移除該App。
Android Market也有能力在需要的狀況下,
遠端將你手機或平板使用的惡意軟體移除

No security approach is foolproof, and added scrutiny can often lead to important improvements. Our systems are getting better at detecting and eliminating malware every day, and we continue to invite the community to work with us to keep Android safe.
沒有安全管理的系統是很愚蠢的事,
增加審核通常能讓你的裝置更好。
我們的系統每天都不斷的針測和排除惡意程式,
而且也越做越好,
我們會持續的做好Android安全性的工作。

No comments: