Mark StevensTablet Hardening process
In the development environment, builds are not required to be release builds. Development Environment
- It is required that all key information is removed from logging calls.
Production apk builds for tablets are built in release mode:
- Debugging flag is disabled
- Proguard rules are standardized
- required that apk methods and classes are obfuscated
- all unused classes and methods are stripped
- apks are signed with a buzztime release keystore (not the android sdk default keystore)
APK deployment : Apks deployed to tablets are managed through a package manifest delivered through a SOAP request.
- Apk's that are not whitelisted or present in the manifest are removed from the tablet.
- Apk's in the manifest are securely downloaded and installed.
- Apk's in the com.buzztime package space must be signed with the buzztime release keystore
Runtime validations and security measures:
- Tablets do not enable ADB or USB modes at startup and only enable it if the tablet is associated with a site that is configured to allow it.
- The Buzztime Core package declares special permissions which may be used by applications to require that Intent, Service and ContentProvider requests are made only by buzztime signed applications.
- SSL HTTP client requests are configured to use TLS 1.2 and the allowed cipher list is pruned to remove all ciphers that have been identified as insecure.
- on Halo+ Tablets
- Device storage encryption is enabled and required
- SELinux is enabled and run in enforcing mode
- No security keys are present on devices until the it has been authenticated and encrypted.
- Firmware updates must be signed by the same key as the original Firmware signature.