Firefox OS Malware Prevention

Firefox OS Security
Paul Theriault, Sept 2013
Firefox OS Components
• Gaia - User interface
• Gecko - Browser Runtime
• Gonk - underlying Linux OS, firmware etc
• Third-party Apps - HTML/JS/CSS Apps
Gaia
• Collection of web apps which run all UI
• https://github.com/mozilla-b2g/gaia
Gecko
• Web APIs
navigator.telephony.dial('5551234')
navigator.mozTCPSocket.open("www.mozilla.org", 80);
• Gaia Glue (see shell.js)
• Gonk Glue (communication with daemons etc)
Gonk
• Lower-level operating system
• Linux kernel and HAL (Hardware Abstraction Layer)
• Open-source libs: libusb, bluez ...
• Android libs: GPS, camera ...
Firefox OS Web Apps
• HTML, JavaScript, CSS
• Defined by location of manifest file
• Has to be installed
• Can be hosted remotely or in a local package
Challenge #1
Make the web trusted.
Permission Model
Type / Trust Level / Controls
• Web / Untrusted
  - Regular web security controls
• Privileged / Trusted
  - Packaged, signed apps.
  - Reviewed & delivered from marketplace.
  - Default CSP policy applied
• Certified / Highly Trusted
  - System apps which run the phone
  - Apps developed by Mozilla and/or partners
  - Can't be installed, must be created with build
  - Default CSP policy applied
Types vs Permissions
• Regular Web Content : Geolocation, Fullscreen
• Web apps : Sensor API, Alarm API
• Privileged apps : Camera API, Alarm API, TCP Socket, Contacts API, Device Storage API, Browser API, WiFi Information API, MobileNetwork API
• Certified : Background services, WebSMS, WebTelephony, WebBluetooth, MobileConnection API, PowerManagementAPI, Push Notifications API, Settings API, Permissions API, FM Radio
Full list
CSP
• Content Security Policy
• https://developer.mozilla.org/Apps/CSP
• No remote scripts (include them in your app)
• No dynamic script (onclick="", eval, Function(), etc)
• No remote styles
Web Activities
• Provides a mechanism for web apps to access restricted APIs, by asking other apps to get data on their behalf
• Also used for user-mediated inter-app communication
Full list of activities
Challenge #2
Give users control, while protecting them.
Permission Checks
• Permission checks performed at first API use
• User has context of activity
• Can install the app without granting permissions
• Can change their mind later
Permission types
Explicit permissions
• Location, contacts, images, audio, video etc.
Implicit permissions
• TCPSocket, mobilenetwork, systemXHR, alarms etc.
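Added example (not from the slides and not Firefox OS code): a manifest review that combines the "Types vs Permissions" tiers with the explicit/implicit split above, returning prompt, allow or deny for each requested permission. The manifest permission strings, the reviewManifest helper, the sample manifest and the treatment of certified-only APIs as implicit are assumptions made for illustration.

```javascript
// Added example, not Firefox OS code. Tiers and API groupings follow the slides;
// the manifest permission strings are assumed spellings of the slides' API names.
const TIER = { web: 0, privileged: 1, certified: 2 };
const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// min: lowest app type that may hold the permission.
// explicit: true means the user is asked at first API use; false means implicit.
const PERMISSIONS = {
  geolocation:   { min: "web",        explicit: true  },
  alarms:        { min: "web",        explicit: false },
  contacts:      { min: "privileged", explicit: true  },
  "tcp-socket":  { min: "privileged", explicit: false },
  mobilenetwork: { min: "privileged", explicit: false },
  // The slides do not classify certified-only APIs; implicit is assumed here.
  sms:           { min: "certified",  explicit: false },
  telephony:     { min: "certified",  explicit: false },
  settings:      { min: "certified",  explicit: false },
};

// Returns one decision per requested permission: "prompt", "allow" or "deny: ...".
function reviewManifest(manifest) {
  const type = manifest.type || "web"; // no type field means a plain web app
  if (!has(TIER, type)) throw new Error("unknown app type: " + type);
  const decisions = {};
  for (const name of Object.keys(manifest.permissions || {})) {
    if (!has(PERMISSIONS, name)) {
      decisions[name] = "deny: unknown permission"; // fail closed
    } else if (TIER[type] < TIER[PERMISSIONS[name].min]) {
      decisions[name] = "deny: requires " + PERMISSIONS[name].min + " app";
    } else {
      decisions[name] = PERMISSIONS[name].explicit ? "prompt" : "allow";
    }
  }
  return decisions;
}

// Constructed manifest: a privileged app that also asks for a certified-only API.
const sampleManifest = {
  name: "Constructed Example App",
  type: "privileged",
  permissions: {
    contacts: { description: "Pick a recipient", access: "readonly" },
    "tcp-socket": { description: "Talk to the mail server" },
    sms: { description: "Send a text" },
  },
};
console.log(reviewManifest(sampleManifest));
```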
Challenge #3
Protect apps from each other.
Web App Sandbox
System Architecture
Getting Started
• Getting started with apps
• http://buildingfirefoxos.com
• https://hacks.mozilla.org/
• Tablet Contribution Program
Questions
Security overview
https://developer.mozilla.org/en-US/docs/Mozilla/Firefox_OS/Security/Security_model
Email: pauljt@mozilla.com