Analysis of Russian Apps for TSPU-Related Risks
Description
The landscape of internet freedom and surveillance is constantly evolving, with various countries employing technical measures to control online information and monitor citizens. Russia's internet ecosystem presents a unique case study, with the recent establishment of a domestic Trusted Root Certificate Authority (CA) and the ongoing utilization of the "Technical Measures to Combat Threats" (TSPU) devices with government-mandated deployment by internet service providers. This thesis investigates the potential risks associated with these developments, focusing on the vulnerability of Russian Android applications to targeted JavaScript attacks compromising the privacy and security of their users.This analysis of Russian Android applications reveals the existence of the Russian CA certificate embedded into the application packages, enabling the Russian government to intercept and manipulate encrypted TLS traffic. Simulating TSPU behavior with mitmproxy demonstrates the susceptibility of all tested applications to JavaScript injection attacks, allowing targeted government surveillance. This thesis proposes several mitigation strategies and highlights the need for a systemic solution to address the security risks associated with government-controlled CAs in applications, considering Google Play Market restrictions on such certificate inclusion. This thesis contributes to the evolving discussion on internet freedom and cybersecurity in Russia by exposing the unique vulnerabilities faced by users within the Russian digital ecosystem.
Date Created
The date the item was original created (prior to any relationship with the ASU Digital Repositories.)
2024
Agent
- Author (aut): Konyukhov, Vitaliy
- Thesis advisor (ths): Crandall, Jedidiah
- Committee member: Wang, Fish
- Committee member: Bazzi, Rida
- Publisher (pbl): Arizona State University