Android Smartphone Security (S2)

Security Education Platform

Organization: Cal Poly Pomona
Contributors: Joseph Afework and Dr. Mohammad I. Husain (CPP)

While often overlooked, breaches in privacy are not only triggered by ill willing adversaries, but by lapses in our present day laws. From the perspective of a typical user, there is almost nothing on a phone that should not have a reasonable expectation to privacy. From personal contacts to private pictures, a user should expect that their personal information will be subjugated to the appropriate due processes afforded to them by their legal system. As mobile computing has exploded in growth and adoption, our laws have failed to keep up with the technology. A recent decision of the Supreme Court illustrates this perfectly as the court stated:

“the fact that technology now allows an individual to carry such information in his hand does not make the information any less worthy of the protection…” [1].

It is the opinion of the Supreme Court, that people need to be protected as the capabilities of new technologies continue to grow. While it is difficult to educate users on policies and law, a more pragmatic approach is to educate users on maintaining good personal security and best practices.

The intended goal of this project is to showcase a novel platform for effectively teaching mobile security. The platform is modular in design and can be a very cost effective approach to teaching mobile security, and can easily be adopted alongside traditional curriculum. Using this platform, users will be able to intimately explore and observe mobile devices by directly controlling remotely hosted devices in real-time. Through the use of virtualized interfaces, a pool of remote devices can be aggregated and shared across many users forming a very low cost device farm for education that can be accessed across any geographic region via the internet. By sharing resources (mobile devices), the barrier to entry can be drastically lowered which gives students, faculty, or any users of our platform access to a wide variety of devices without high startup costs.

[1] Electronic Privacy Research Center