Blog

Android Sandboxing Defense Mechanisms (Part I)

     
By on March 6, 2014 - 5 Minutes

Android manages the lifetime and data of sandboxed applications without “asking” the developer. Therefore some applications that should always be running in the background might suffer from lack of control. Users also often try to manipulate programs, in order to manually close them or wipe their data. While developing applications for this platform, I learned a couple of ways to improve this situation.

Apps running in the background

The well known and documented part of the solution is to create a foreground service and return START_STICKY to allow running the service continuously. This service is still vulnerable to various actions that the system or user might take to stop it and clean the data that belongs to this app.

Requesting the application as the device administrator also allows to defend such program from being closed or uninstalled. Unfortunately Android 2.3 and older don’t protect the “Administrator application” from being forcedly closed or wiped in the application manager. Before I explain how this can be avoided, I’d like to clear up some misconceptions about apps running in the background on Android devices.

Is this app still running in the background?

Typical Android users can see the recent applications on the launcher screen as the apps currently running in the background. That’s true, although these applications might not be using any active device resources. They might be simply “frozen” in the last state in which they were left, and even if Android decides to close them (i.e. because of the memory limitations), they will resume in the same state (assuming developers did the right job).

List of recent applications as seen in the Android 4.x
List of recent applications as seen in the Android 4.x

Common perception is that swiping these applications out of the screen terminates them. Once started again, they will begin at the standard “entry point” of the application. So have they been removed? Visually, yes. Some say “out of sight, out of mind”. But the truth is that programs might have components that run in the background silently.

Running processes page in the Apps section of the System Settings.
Running processes page in the Apps section of the System Settings.

Those who navigate through the menus more will probably find the “Running” tab in the Apps menu in the Settings. These are the processes that can be stopped (at least Android UI gives that illusion). But this can be like an uphill battle because many applications being killed this way often re-appear in the “running” section (like a zombie)! The Google Location Service is a prime example of this behaviour.

Resource usage
Application monitoring resource usage

There are some power-users who search for 3rd-party applications to help them monitor and manage tasks currently running in the background, some of them periodically wiping the list of the running apps. They’re not very effective though, when faced with more “stubborn” applications.

Working around the task killer

Continuous execution of a service can be assured with a couple of programming tricks. Setting the recurring delayed events from the service allows to restart if it suddenly crashed. This can be achieved with System alarms. The best option here is to create the receiver for the time tick event.

This doesn’t work when programs are killed from the “running processes” tab in the Application Manager. Alarms are removed when the process is stopped from the “running processes” tab, but I have discovered that this doesn’t apply to all type of events. Creating broadcast alarms allows to restart the service stopped this way.

 Can I really, really close that app now?!

Closing the application using the "Force stop button" is the most effective.
Closing the application using the “Force stop button” is the most effective.

Not many Android users are actually aware that there is a better way to terminate the application running in the background, by actually going into this application’s details and clicking on the “Force stop” button. This is one of the most effective ways to stop application from waking up in the background again.

Application data

Each application installed in the Android device has its own storage space, usually in the “/data/data/com.example.app” folder that is secure and private to this application (unless developers decide to make these files MODE_WORLD_READABLE which is highly discouraged).

When the “Clear data” button is pressed in the application details, this private data is completely wiped, together with preferences, cache and databases which might have been stored there. This usually leaves the application in the “factory” state, like if it was deleted and installed again. While this might be a useful function, it doesn’t have to be good to all users to expose the “wipe” functionality to everyone who can accidentally access the device.

One of the ways to prevent this from happening is to set the application as the Device Administrator, but this might be unreasonable if the application’s purpose is not clearly to take over the phone or if the brand behind the application doesn’t create enough trust. And even with Device Administrator active on Android Froyo and Gingerbread application is vulnerable to wiping its data.

There is a way to secure the “clean data” with password. This can be achieved by assigning the property in the application manifest.

Then in the activity, we can check credentials or whatever confirmation that’s required and clean the app with the following code:

Wrap-up

Knowing the programming techniques pinpointed above, you can take much more control of the data and application life-cycle in the Android system. All this has been done with the use of legitimate ways and within the limits of the good programming practice.

But even in this sandboxed environment there are ways to make a “zombie app” really hard to eradicate. It is out of the scope of this article, but stay focused and keep reading our blog to get to know more in the next part of this series.

Thanks to Xavi, Hannes and Jordi for the research done in contribution to developing these solutions.

Read the comments
Avatar
One Step Ahead. We want to be at the top of what’s happening in technology, digital marketing and design. We continuously educate ourselves, and experiment with the latest trends to stay ahead of everyone else. That’s why we’re able to give you a competitive advantage in the market. On top of that, our way of working is quite unique in the industry. We're one step ahead.

Want to receive more insightful articles like this? Subscribe here.


By submitting your information you agree to our Privacy Policy