DOCSLIB.ORG

ANALYZING PRACTICAL COMMUNICATION SECURITY of ANDROID VENDOR APPLICATIONS Master of Science Thesis

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
ANALYZING PRACTICAL COMMUNICATION SECURITY of ANDROID VENDOR APPLICATIONS Master of Science Thesis JUHO NURMI ANALYZING PRACTICAL COMMUNICATION SECURITY OF ANDROID VENDOR APPLICATIONS Master of Science Thesis Examiner: Professor Jarmo Harju Examiner and topic approved by the Council of the Faculty of Computing and Electrical Engineering on October 8th, 2014 ii ABSTRACT TAMPERE UNIVERSITY OF TECHNOLOGY Master’s Degree Programme in Information Technology Nurmi, Juho: Analyzing practical communication security of Android vendor applications Master of Science Thesis, 87 pages, 9 Appendix pages December 2014 Major: Communication Networks and Protocols Examiner: Professor Jarmo Harju Keywords: Android, Information security, mobile device, security weakness, MITM, SSL, TLS, certificate The development of mobile devices and the new personalized services have gone to the point, where users do not alone control their data. While the devices are in constant communication with the cloud services the user’s data and the data of the user move ever more to the services providers’ cloud services. Little is known about how and how well service providers protect the users’ information. The work studies two biggest western Android based ecosystems, Google’s and Amazon’s, own applications’ practical security in the communication process. The aim is to identify all mechanisms used to protect the information that is communicated with the Android device. The study used one device from Amazon and Google, and the application market was chosen from both service providers for in-depth study. The applications were selected on the basis that they must provide same service in order to make the comparison possible. In practice, the applications and devices were studied by performing active and passive Man-in-the-middle (MITM) attacks in network laboratory. The communications were intercepted and analysed afterwards. Both vendors relied heavily on SSL/TLS protocol. Also in common was the usage, roles and acquirement of authorization tokens. Amazon’s client applications were noticed to use digital signatures. The biggest difference between the market applications was that Google required authentication when buying an application, while Amazon did not require it. During the same authentication Google sent user’s password in plaintext inside the TLS connection. During the less frequently happening registration of the user’s Google account to the device the user’s password is sent instead encrypted inside the TLS connection. An active MITM attack was performed on the Google device and account to demonstrate what the attacker can do in practice, when SSL/TLS connection is compromised. With manipulating traffic and intercepting authorization tokens the attacker is able to spy the victim and access to nearly all the victim’s Google data for the present. In addition, the attacker can “force” the victim to register herself again to the Android device and the attacker can use the victim’s intercepted encrypted password to add the victim’s Google account to her own device. iii TIIVISTELMÄ TAMPEREEN TEKNILLINEN YLIOPISTO Tietotekniikan koulutusohjelma Nurmi, Juho: Analyzing practical communication security of Android vendor applications Diplomityö, 87 sivua, 9 liitesivua Joulukuu 2014 Pääaine: Tietoliikenneverkot ja -protokollat Tarkastaja: professori Jarmo Harju Avainsanat: Android, tietoturvallisuus, mobiililaite, tietoturvaheikkous, välimieshyökkäys, SSL, TLS, sertifikaatti Älylaitteiden kehitys ja palveluntarjoajien uudet henkilökohtaisemmat palvelut ovat johtaneet siihen, että käyttäjät eivät enää yksin hallitse tietojaan. Laitteiden ollessa jat- kuvassa yhteydessä pilvipalveluihin käyttäjien tiedot ja tietoa heistä siirtyy yhä enem- män palveluntarjoajien pilvipalveluihin. Siitä miten ja kuinka hyvin palveluntarjoajat suojaavat käyttäjien tietoja, tiedetään hyvin vähän. Työssä tutkitaan kahden suurimman länsimaisen Android-pohjaisen ekosysteemin, Googlen ja Amazonin, omien ohjelmien tietoliikenteen tietoturvallisuutta käytännössä. Tavoitteena oli selvittää kaikki ne mekanismit, joilla Android-laitteesta lähtevää tietolii- kennettä suojataan. Tutkimuksessa käytettiin Amazonilta ja Googlelta yhtä laitetta, sekä molemmilta valittiin sovelluskauppa tarkempaa tutkimusta varten. Applikaatiot valittiin sillä perusteella, että niiden piti tuottaa käyttäjälle samaa palvelua vertailun mahdollis- tamiseksi. Laitteita ja applikaatioita tutkittiin käytännössä suorittamalla niille sekä pas- siivisia että aktiivisia välimieshyökkäyksiä verkkolaboratoriossa. Tietoliikenne kaapat- tiin talteen ja analysoitiin jälkikäteen. Molempien valmistajien ohjelmien, sekä laitteiden tietoturvan havaittiin nojautuvan vahvasti kuljetuskerroksen tunnelointiprotokollaan (SSL/TLS). Lisäksi yhteistä oli auktorisointitokenien käyttö, niiden roolit sekä hakuprosessi. Amazonin asiakasappli- kaation havaittiin käyttävän digitaalisia allekirjoituksia. Sovelluskauppojen isoimmaksi eroksi havaittiin Googlen vaativan käyttäjää tunnistautumaan ostaessaan applikaatiota, mitä Amazonilla ei vaadittu. Googlella samaisen tunnistautumisen yhteydessä havaittiin käyttäjän salasanan välittyvän selkokielisenä TLS-tunnelin sisällä. Harvoin tapahtuvan Google-käyttäjätunnuksen laitteeseen rekisteröimisen yhteydessä käyttäjän salasana sen sijaan välitetään salattuna TLS-tunnelin sisällä. Googlen laitteelle ja tunnukselle suoritettiin vielä aktiivinen välimieshyökkäys de- monstroimaan mitä hyökkääjä voi tehdä käytännössä, kun TLS-protokolla pettää. Mani- puloimalla liikennettä ja kaappaamalla auktorisointitokeneita hyökkääjän havaittiin pystyvän vakoilemaan uhria ja pääsevän toistaiseksi käsiksi etänä lähes kaikkiin uhrin Google-tunnuksen tietoihin. Lisäksi hyökkääjä pystyy ”pakottamaan” uhrin rekisteröi- tymään Android-laitteelleen uudestaan, minkä yhteydessä hyökkääjä voi käyttää uhrin kaapattua salattua salasanaa uhrin Google-tunnuksen lisäämiseen omalle laitteelleen. iv PREFACE This thesis was written as a master’s thesis for Tampere University of Technology (TUT) in department of Pervasive Computing. Thesis was examined by Professor Jarmo Harju from TUT. When I started to work on this thesis, I knew basically nothing of Android and especially its security, so the whole journey was very interesting. Everywhere you looked at, you saw something new and you had (urge) to understand it. There are a lot of people I really have to thank for: I would like to thank Professor Jarmo Harju and Nokia Oyj for offering me this interesting topic. I would also like to thank Mika Anttila, Sami Majaniemi and Anssi Juvonen from Nokia for guiding me and giving me a flying start. In addition, I thank Joona Kannisto and Billy Bob Brumley for helping me with cryptology related questions and my colleagues for enduring my constant bombardment of questions. Special thanks goes to Tanel for enduring in the trenches with me everything that TUT threw at us over the years. Most of all, I want thank my family for their support and encouragement during my studies. Juho Nurmi, 11 November 2014 v CONTENTS 1 Introduction ............................................................................................................... 1 2 Security basics ........................................................................................................... 3 2.1 Basic terms ........................................................................................................ 3 2.2 Token................................................................................................................. 3 2.3 Cryptographic hash function ............................................................................. 4 2.4 MAC and HMAC .............................................................................................. 6 2.5 Digital signature ................................................................................................ 7 2.6 Public Key Infrastructure X.509 ....................................................................... 9 2.7 SSL/TLS .......................................................................................................... 10 2.8 Man-in-the-middle attack ................................................................................ 11 3 Test environment ..................................................................................................... 12 3.1 Android and Used software ............................................................................. 12 3.1.1 Android OS ........................................................................................ 12 3.1.2 OpenSSL ............................................................................................ 12 3.1.3 MITM software – SSLsplit & mitmproxy ......................................... 12 3.1.4 Wireshark ........................................................................................... 13 3.1.5 Other software.................................................................................... 13 3.2 The environment ............................................................................................. 13 4 Google and Amazon ................................................................................................ 16 4.1 Google’s and Amazon’s market places ........................................................... 16 4.2 Google specific details .................................................................................... 18 4.2.1 Google Login Service and Google Play Services .............................. 18 4.2.2 ClientLogin .......................................................................................
Load more

Recommended publications
  • Elastic Load Balancing Application Load Balancers Elastic Load Balancing Application Load Balancers
    Elastic Load Balancing Application Load Balancers Elastic Load Balancing Application Load Balancers Elastic Load Balancing: Application Load Balancers Copyright © Amazon Web Services, Inc. and/or its affiliates. All rights reserved. Amazon's trademarks and trade dress may not be used in connection with any product or service that is not Amazon's, in any manner that is likely to cause confusion among customers, or in any manner that disparages or discredits Amazon. All other trademarks not owned by Amazon are the property of their respective owners, who may or may not be affiliated with, connected to, or sponsored by Amazon. Elastic Load Balancing Application Load Balancers Table of Contents What is an Application Load Balancer? .................................................................................................. 1 Application Load Balancer components ......................................................................................... 1 Application Load Balancer overview ............................................................................................. 2 Benefits of migrating from a Classic Load Balancer ........................................................................ 2 Related services ......................................................................................................................... 3 Pricing ...................................................................................................................................... 3 Getting started .................................................................................................................................
    [Show full text]
  • TR-069 CPE WAN Management Protocol V1.1
    TECHNICAL REPORT TR-069 CPE WAN Management Protocol v1.1 Version: Issue 1 Amendment 2 Version Date: December 2007 © 2007 The Broadband Forum. All rights reserved. CPE WAN Management Protocol v1.1 TR-069 Issue 1 Amendment 2 Notice The Broadband Forum is a non-profit corporation organized to create guidelines for broadband network system development and deployment. This Technical Report has been approved by members of the Forum. This document is not binding on the Broadband Forum, any of its members, or any developer or service provider. This document is subject to change, but only with approval of members of the Forum. This document is provided "as is," with all faults. Any person holding a copyright in this document, or any portion thereof, disclaims to the fullest extent permitted by law any representation or warranty, express or implied, including, but not limited to, (a) any warranty of merchantability, fitness for a particular purpose, non-infringement, or title; (b) any warranty that the contents of the document are suitable for any purpose, even if that purpose is known to the copyright holder; (c) any warranty that the implementation of the contents of the documentation will not infringe any third party patents, copyrights, trademarks or other rights. This publication may incorporate intellectual property. The Broadband Forum encourages but does not require declaration of such intellectual property. For a list of declarations made by Broadband Forum member companies, please see www.broadband-forum.org. December 2007 © The Broadband
    [Show full text]
  • Alibaba Cloud
    AAlliibbaabbaa CClloouudd Alibaba Cloud SSerrvveer rL oLaoda Bda laBnaclearncer ListLeinsetresners Document Version: 20210922 Document Version: 20210922 Server Load Balancer List eners·Legal disclaimer Legal disclaimer Alibaba Cloud reminds you t o carefully read and fully underst and t he t erms and condit ions of t his legal disclaimer before you read or use t his document . If you have read or used t his document , it shall be deemed as your t ot al accept ance of t his legal disclaimer. 1. You shall download and obt ain t his document from t he Alibaba Cloud websit e or ot her Alibaba Cloud- aut horized channels, and use t his document for your own legal business act ivit ies only. The cont ent of t his document is considered confident ial informat ion of Alibaba Cloud. You shall st rict ly abide by t he confident ialit y obligat ions. No part of t his document shall be disclosed or provided t o any t hird part y for use wit hout t he prior writ t en consent of Alibaba Cloud. 2. No part of t his document shall be excerpt ed, t ranslat ed, reproduced, t ransmit t ed, or disseminat ed by any organizat ion, company or individual in any form or by any means wit hout t he prior writ t en consent of Alibaba Cloud. 3. The cont ent of t his document may be changed because of product version upgrade, adjust ment , or ot her reasons. Alibaba Cloud reserves t he right t o modify t he cont ent of t his document wit hout not ice and an updat ed version of t his document will be released t hrough Alibaba Cloud-aut horized channels from t ime t o t ime.
    [Show full text]
  • Memento: Time Travel for the Web
    Memento: Time Travel for the Web Herbert Van de Sompel Michael L. Nelson Robert Sanderson Los Alamos National Old Dominion University, Los Alamos National Laboratory, NM, USA Norfolk, VA, USA Laboratory, NM, USA [email protected] [email protected] [email protected] Lyudmila L. Balakireva Scott Ainsworth Harihar Shankar Los Alamos National Old Dominion University, Los Alamos National Laboratory, NM, USA Norfolk, VA, USA Laboratory, NM, USA [email protected] [email protected] [email protected] ABSTRACT 1. INTRODUCTION The Web is ephemeral. Many resources have representa- \The web does not work," my eleven year old son com- tions that change over time, and many of those represen- plained. After checking power and network connection, I tations are lost forever. A lucky few manage to reappear realized he meant something rather more subtle. The URI as archived resources that carry their own URIs. For ex- (http://stupidfunhouse.com) he had bookmarked the year ample, some content management systems maintain version before returned a page that didn't look like the original at pages that reflect a frozen prior state of their changing re- all, and definitely was not fun. He had just discovered that sources. Archives recurrently crawl the web to obtain the the web has a terrible memory. actual representation of resources, and subsequently make Let us restate the obvious: the Web is the most pervasive those available via special-purpose archived resources. In information environment in the history of humanity; hun- both cases, the archival copies have URIs that are protocol- dreds of millions of people1 access billions of resources2 using wise disconnected from the URI of the resource of which a variety of wired or wireless devices.
    [Show full text]
  • TR-069: CPE WAN Management Protocol
    TECHNICAL REPORT TR-069 CPE WAN Management Protocol Issue: Amendment 6 Corrigendum 1 Issue Date: June 2020 CWMP Version: 1.4 © Broadband Forum. All rights reserved. CPE WAN Management Protocol TR-069 Issue Amendment 6 Corrigendum 1 Notice The Broadband Forum is a non-profit corporation organized to create guidelines for broadband network system development and deployment. This Technical Report has been approved by members of the Forum. This Technical Report is subject to change. This Technical Report is owned and copyrighted by the Broadband Forum, and all rights are reserved. Portions of this Technical Report may be owned and/or copyrighted by Broadband Forum members. Intellectual Property Recipients of this Technical Report are requested to submit, with their comments, notification of any relevant patent claims or other intellectual property rights of which they may be aware that might be infringed by any implementation of this Technical Report, or use of any software code normatively referenced in this Technical Report, and to provide supporting documentation. Terms of Use 1. License Broadband Forum hereby grants you the right, without charge, on a perpetual, non- exclusive and worldwide basis, to utilize the Technical Report for the purpose of developing, making, having made, using, marketing, importing, offering to sell or license, and selling or licensing, and to otherwise distribute, products complying with the Technical Report, in all cases subject to the conditions set forth in this notice and any relevant patent and other intellectual property rights of third parties (which may include members of Broadband Forum). This license grant does not include the right to sublicense, modify or create derivative works based upon the Technical Report except to the extent this Technical Report includes text implementable in computer code, in which case your right under this License to create and modify derivative works is limited to modifying and creating derivative works of such code.
    [Show full text]
  • Flow-Based Compromise Detection Rick Hofstede Graduation Committee
    Flow-based Compromise Detection Rick Hofstede Graduation Committee Chairman: Prof. dr. P.M.G. Apers Promotor: Prof. dr. ir. A. Pras Co-promotor: Prof. Dr. rer. nat. G. Dreo Rodosek Members: dr. A. Sperotto University of Twente, The Netherlands Prof. dr. P.H. Hartel University of Twente, The Netherlands Delft University of Technology, The Netherlands TNO Cyber Security Lab, The Netherlands Prof. dr. ir. L.J.M. Nieuwenhuis University of Twente, The Netherlands Prof. dr. ir. C.T.A.M. de Laat University of Amsterdam, The Netherlands Prof. dr. ir. H.J. Bos VU University, The Netherlands Prof. Dr. rer. nat. U. Lechner Universit¨atder Bundeswehr M¨unchen, Germany Prof. Dr. rer. nat. W. Hommel Universit¨atder Bundeswehr M¨unchen, Germany Funding sources EU FP7 UniverSelf { #257513 EU FP7 FLAMINGO Network of Excellence { #318488 EU FP7 SALUS { #313296 EIT ICT Labs { #13132 (Smart Networks at the Edge) SURFnet GigaPort3 project for Next-Generation Networks CTIT Ph.D. thesis series no. 16-384 Centre for Telematics and Information Technology CTIT P.O. Box 217 7500 AE Enschede, The Netherlands ISBN: 978-90-365-4066-7 ISSN: 1381-3617 DOI: 10.3990/1.9789036540667 http://dx.doi.org/10.3990/1.9789036540667 Typeset with LATEX. Printed by Gildeprint, The Netherlands. Cover design by David Young. This thesis is licensed under a Creative Commons Attribution- NonCommercial-ShareAlike 3.0 Unported License. http://creativecommons.org/licenses/by-nc-sa/3.0/ This thesis has been printed on paper certified by FSC (Forest Stewarding Council). FLOW-BASED COMPROMISE DETECTION THESIS to obtain the degree of doctor at the University of Twente, on the authority of the Rector Magnificus, prof.
    [Show full text]
  • Kernel HTTPS/TCP/IP Stack for HTTP Ddos Mitigation
    Kernel HTTPS/TCP/IP stack for HTTP DDoS mitigation Alexander Krizhanovsky Tempesta Technologies, Inc. [email protected] Who am I? CEO & CTO at Tempesta Technologies (Seattle, WA) Developing Tempesta FW – open source Linux Application Delivery Controller (ADC) Custom software development in: ● high performance network traffic processing e.g. WAF mentioned in Gartner magic quadrant ● Databases e.g. MariaDB SQL System Versioning https://github.com/tempesta-tech/mariadb https://m17.mariadb.com/session/technical-preview-temporal- querying-asof HTTPS challenges HTTP(S) is a core protocol for the Internet (IoT, SaaS, Social networks etc.) HTTP(S) DDoS is tricky ● Asymmetric DDoS (compression, TLS handshake etc.) ● A lot of IP addresses with low traffic ● Machine learning is used for clustering ● How to filter out all HTTP requests with “Host: www.example.com:80”? ● "Lessons From Defending The Indefensible": https://www.youtube.com/watch?v=pCVTEx1ouyk TCP stream filter IPtables strings, BPF, XDP, NIC filters ● HTTP headers can cross packet bounds ● Scan large URI or Cookie for Host value? Web accelerator ● aren’t designed (suitable) for HTTP filtering IPS vs HTTP DDoS e.g. Suricata, has powerful rules syntax at L3-L7 Not a TCP end point => evasions are possible SSL/TLS SSL terminator is required => many data copies & context switches or double SSL processing (at IDS & at Web server) Double HTTP parsing Doesn’t improve Web server peroformance (mitigation != prevention) Interbreed an HTTP accelerator and a firewall TCP & TLS end point Very fast
    [Show full text]
  • Stopping DNS Rebinding Attacks in the Browser
    Stopping DNS Rebinding Attacks in the Browser Mohammadreza Hazhirpasand, Arash Ale Ebrahim and Oscar Nierstrasz University of Bern, Switzerland Keywords: DNS Rebinding, Browser Security, Web Security. Abstract: DNS rebinding attacks circumvent the same-origin policy of browsers and severely jeopardize user privacy. Although recent studies have shown that DNS rebinding attacks pose severe security threats to users, up to now little effort has been spent to assess the effectiveness of known solutions to prevent such attacks. We have carried out such a study to assess the protective measures proposed in prior studies. We found that none of the recommended techniques can entirely halt this attack due to various factors, e.g., network layer encryption renders packet inspection infeasible. Examining the previous problematic factors, we realize that a protective measure must be implemented at the browser-level. Therefore, we propose a defensive measure, a browser plug-in called Fail-rebind, that can detect, inform, and protect users in the event of an attack. Afterwards, we discuss the merits and limitations of our method compared to prior methods. Our findings suggest that Fail- rebind does not necessitate expert knowledge, works on different OSes and smart devices, and is independent of networks and location. 1 INTRODUCTION bypass firewalls, gain access to either internal ma- chines in the victim’s private network or the victim’s In a DNS rebinding attack, an attacker uses a custom resources, fetch sensitive resources, and compromise DNS server to spoof the IP address of the victim, and vulnerable internal machines. thus obtain read access to the victim’s server.
    [Show full text]
  • Webdav) Protocol: Microsoft Extensions
    [MS-WDVME]: Web Distributed Authoring and Versioning (WebDAV) Protocol: Microsoft Extensions Intellectual Property Rights Notice for Open Specifications Documentation . Technical Documentation. Microsoft publishes Open Specifications documentation (“this documentation”) for protocols, file formats, data portability, computer languages, and standards support. Additionally, overview documents cover inter-protocol relationships and interactions. Copyrights. This documentation is covered by Microsoft copyrights. Regardless of any other terms that are contained in the terms of use for the Microsoft website that hosts this documentation, you can make copies of it in order to develop implementations of the technologies that are described in this documentation and can distribute portions of it in your implementations that use these technologies or in your documentation as necessary to properly document the implementation. You can also distribute in your implementation, with or without modification, any schemas, IDLs, or code samples that are included in the documentation. This permission also applies to any documents that are referenced in the Open Specifications documentation. No Trade Secrets. Microsoft does not claim any trade secret rights in this documentation. Patents. Microsoft has patents that might cover your implementations of the technologies described in the Open Specifications documentation. Neither this notice nor Microsoft's delivery of this documentation grants any licenses under those patents or any other Microsoft patents. However, a given Open Specifications document might be covered by the Microsoft Open Specifications Promise or the Microsoft Community Promise. If you would prefer a written license, or if the technologies described in this documentation are not covered by the Open Specifications Promise or Community Promise, as applicable, patent licenses are available by contacting [email protected].
    [Show full text]
  • A Comprehensive Formal Security Analysis of Oauth 2.0
    A Comprehensive Formal Security Analysis of OAuth 2.0∗ Daniel Fett Ralf Küsters University of Trier, Germany University of Trier, Germany [email protected] [email protected] Guido Schmitz University of Trier, Germany [email protected] The OAuth 2.0 protocol is one of the most widely deployed authorization/single sign-on (SSO) proto- cols and also serves as the foundation for the new SSO standard OpenID Connect. Despite the popularity of OAuth, so far analysis efforts were mostly targeted at finding bugs in specific implementations and were based on formal models which abstract from many web features or did not provide a formal treat- ment at all. In this paper, we carry out the first extensive formal analysis of the OAuth 2.0 standard in an ex- pressive web model. Our analysis aims at establishing strong authorization, authentication, and session integrity guarantees, for which we provide formal definitions. In our formal analysis, all four OAuth grant types (authorization code grant, implicit grant, resource owner password credentials grant, and the client credentials grant) are covered. They may even run simultaneously in the same and different relying parties and identity providers, where malicious relying parties, identity providers, and browsers are considered as well. Our modeling and analysis of the OAuth 2.0 standard assumes that security recommendations and best practices are followed in order to avoid obvious and known attacks. When proving the security of OAuth in our model, we discovered four attacks which break the security of OAuth. The vulnerabilities can be exploited in practice and are present also in OpenID Connect.
    [Show full text]
  • Understanding Internet Censorship Policy: the Case of Greece
    Understanding Internet Censorship Policy: The Case of Greece Vasilis Ververis George Kargiotakis Arturo Filasto` Humboldt University Berlin The Tor Project Benjamin Fabian Afentoulis Alexandros Humboldt University Berlin Abstract the offending blog post via automatic RSS syndication. In February 2010 ISP Tellas/Wind Hellas blocked the The Greek government has recently initiated large scale Piratebay site [1]. In May 2012 the Greek Organiza- content blocking that leads to Internet censorship. In tion for Intellectual Property Collective Administration this article we analyze the techniques and policies used (AEPI) went to court against every Greek ISP demand- to block content of gambling websites in Greece and ing to censor Ellinadiko.com, a music sharing forum and present the implications of the detected underblock- Music-Bazaar.com, an MP3 webstore, both under the ac- ing and overblocking. We have collected results prob- cusation of infringing copyright laws [2]. The court or- ing eight major broadband and cellular Internet Service dered the ISPs to block the IP addresses of the referred Providers (ISPs) that are a representative sample of In- websites [23]. ternet usage in Greece, and investigate the methods and Later in September 2012 a citizen was arrested on infrastructure used to conduct the contentfiltering. The charges of malicious blasphemy and religious insult af- results of this study highlight issues related to how trans- ter posting a Facebook page that ridiculed a well-known parently Internetfiltering is implemented in democratic Greek Orthodox monk [12]. Following in January 2013, countries and could indicate the presence of unfair com- a politicianfiled a defamation lawsuit against a Greek petition between ISPs.
    [Show full text]
  • Oracle CRM on Demand REST API Developer's Guide
    CRM On Demand Oracle CRM On Demand REST API Developer’s Guide Release 32 June 2016 Copyright © 2005, 2016 Oracle. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error- free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are “commercial computer software” pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S. Government. This software or hardware is developed for general use in a variety of information management applications.
    [Show full text]