UCF STIG Viewer Logo

The administrator/MDM must disable mock locations.


Overview

Finding ID Version Rule ID IA Controls Severity
V-48287 KNOX-25-015900 SV-61159r1_rule Low
Description
Developers often use mock locations in the development of apps that leverage location-based services. Developer modes circumvent certain security measures, so their use for standard operation is not recommended. Developer modes may increase the likelihood of compromise of confidentiality, integrity, and availability. In particular, malicious applications can use the mock locations feature in the Android OS to override the device GPS location and provide a fake location to the user or network provider. SFR ID: FMT_SMF.1.1 #21
STIG Date
Samsung Android (with Knox 1.x) STIG 2014-04-22

Details

Check Text ( C-50721r3_chk )
This validation procedure is performed on both the MDM Administration Console and the Samsung Knox Android device.

Check whether the appropriate setting is configured on the MDM Administration Console:
1. Ask the MDM administrator to display the "Allow mock locations" setting in the "Android Restrictions" rule.
2. Verify the setting is disabled.

On the Samsung Knox Android device:
1. Open the device settings.
2. Select "Developer options". (**)
3. Attempt to enable "Allow mock locations".
4. Verify "Allow mock locations" cannot be enabled.

If the "Allow mock locations" setting in the MDM console is enabled, or if the user is able to enable "Allow mock locations" on the device, this is a finding.

(**) "Developer options" is initially hidden to users. To unhide this menu item:
1. Open the device settings.
2. Select "About phone".
3. Rapidly tap on "Build number" multiple times until the device displays that "Developer options" has been turned on.
Fix Text (F-51897r2_fix)
Configure the mobile operating system to disable mock locations.

On the MDM Administration Console, disable the "Allow mock locations" setting in the "Android Restrictions" rule.