Recently, at DEFCON 2018, researchers at Check Point announced a new kind of attack made possible by the way many Android apps are implemented. In summary, developers use the shared external storage space in an unsafe manner, by not taking into consideration that other apps also have read and write access to the same space. A malicious app can modify data used by another app, as a vector for compromising that app, causing it to be compromised or crash.
While Google does provide guidelines on safe external storage use, most developers ignore them. Here is what they say:
- “Perform input validation when handling data from external storage”
- “Do not store executables or class files on External Storage”
- “External Storage files should be signed and cryptographically verified prior to dynamic loading”
This is most likely due to lack of time or knowledge…. and, that is where our IOCipher encrypted virtual filesystem library for Android comes in!
IOCipher provides a virtual encrypted disk for Android apps without requiring the device to be rooted. It uses a clone of the standard
java.io API for working with files, so developers already know how to use it. Only password handling, and opening the virtual disk are what stand between the developer and working encrypted file storage. It is based on and SQLCipher, and designed to work with CacheWord for handling the keys and passwords.
Regarding the three guidelines from Google, by storing downloaded data into an IOCipher virtual volume, you both benefit from the use of external storage, while ensuring, thanks to cryptography, that your data or executable code has not been read or modified by another application. If a malicious application tries to access or modify the encrypted volume, it will be detected and not able to load, without causing a crash in the application.
You can find IOCipher on Github today (and likely get it implemented in your app today, as well!)