<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>android on ryantzj</title><link>https://www.ryantzj.com/tags/android/</link><description>Recent content in android on ryantzj</description><generator>Hugo</generator><language>en</language><lastBuildDate>Fri, 29 Sep 2017 00:00:00 +0800</lastBuildDate><atom:link href="https://www.ryantzj.com/tags/android/index.xml" rel="self" type="application/rss+xml"/><item><title>Introduction to Dynamic instrumentation in Mobile Security</title><link>https://www.ryantzj.com/posts/dynamic-instrumentation-mobile-security/</link><pubDate>Fri, 29 Sep 2017 00:00:00 +0800</pubDate><guid>https://www.ryantzj.com/posts/dynamic-instrumentation-mobile-security/</guid><description>&lt;p>This is a follow-up blog post after my presentation at Nanyang Technological University’s CSEC Offensive Cyber Security Club, run by a group of highly motivated individuals. Please check out their &lt;a href="https://0x0ffff5ec.github.io">page&lt;/a> to find out when the next security meetup is.&lt;/p>
&lt;h2 id="motivation">Motivation&lt;/h2>
&lt;p>I find myself spending more and more time doing dynamic instrumentation and decided to collect some interesting technique I found while doing dynamic instrumentation in mobile security. My motivation of doing it is to:&lt;/p></description></item><item><title>Android Application/Package APK Structure Part 1</title><link>https://www.ryantzj.com/posts/android-apk-structure/</link><pubDate>Sun, 22 Jan 2017 00:00:00 +0800</pubDate><guid>https://www.ryantzj.com/posts/android-apk-structure/</guid><description>&lt;p>Android applications are installed in the form of application package files, commonly known as APK files. APK files are container files that contain both application code and resources, as well as the application manifest file. APK files are simply ZIP files and you can examine the content by extracting them with any compression utility that supports the ZIP format. You may notice that the naming convention for APK files is in reverse-domain style; this is to avoid naming collisions. The same naming convention can be seen in many places in Android, such as custom permissions and so on, e.g., com.ryantzj.testapp&lt;/p></description></item><item><title>Boot Sequence in Android</title><link>https://www.ryantzj.com/posts/boot-sequence-in-android/</link><pubDate>Sat, 14 Jan 2017 00:00:00 +0800</pubDate><guid>https://www.ryantzj.com/posts/boot-sequence-in-android/</guid><description>&lt;p>Having good knowledge about the boot sequence will be useful when troubleshooting a bricked Android device, flashing a custom ROM, or rooting. There are many device-specific forums that did amazing write-ups on those topics, so I will not be talking about it, but I will go through some of the basics on boot sequences in Android, different boot modes in Android, and how rooting works on an unlocked bootloader phone. While researching this topic, I stumbled upon a few interesting write-ups on rooting techniques for locked bootloader devices; maybe I will talk about that in the near future. :)&lt;/p></description></item><item><title>The Mystical Android Sandbox and IPC (Inter-process communication)</title><link>https://www.ryantzj.com/posts/android-sandbox-and-ipc/</link><pubDate>Mon, 09 Jan 2017 00:00:00 +0800</pubDate><guid>https://www.ryantzj.com/posts/android-sandbox-and-ipc/</guid><description>&lt;p>Android inherits many UNIX security features such as process isolation, UID and GID paradigm, and so on. The idea of Android sandbox is to basically assign each installed application a UID and its user space will conform to the principle of least privilege. Below is a great illustration to visualize Android sandboxing by assigning different UID to every application. This is a well-thought-out security mechanism that really mitigates and simplifies many permission problems that can exist in Android.&lt;/p></description></item></channel></rss>