A Review of Anbox: A Good Idea, But Not Fully Baked Yet

Recently we were looking around for an alternative for Android emulator Genymotion. Think of an Android emulator as a virtual Android phone you can use on your computer.

Use cases for this are several:

• For personal use if you want to run Android apps on your computer.
• Developers can use it to test apps they’re making on different phone types. Pentesters may find it useful for apps they’re combing through for vulnerabilities.
• For those in the OSINT/Threat Intelligence community, being able to load up on apps and have a “phone” on your computer is convenient as everything is in one place and you’re not using up valuable space on your physical phone.

One of the downsides to Genymotion is that apps like Snapchat don’t work or need to use unsupported methods to get things up and running.

Enter Anbox, which was first released in 2017.

Anbox looked promising as you can install it directly on a Linux system and in turn install apps from Google Play Store.

As of current Anbox is only available for Linux.

We currently tested it on a virtual machine(vm) running Ubuntu Desktop 20.04LTS. The vm was configured with 6GB of RAM. Video memory was set for 128MB.

Installation was pretty straight forward. The operating system you’re using must support snap in order to install. As of right now, we can’t recommend using Anbox, as you’ll why see below. If you do install, you’re doing so on your accord and accept the risk associated with doing so.

With that said, let’s get into the pros and cons. As a side note, we only installed a minimal amount of apps for testing: Snapchat, CashApp, and Instagram.

Pros:

• Easy to install.
• Easy to launch.
• Some apps from Google Play Store that we weren’t able to install on Genymotion were easy to get onto Anbox.
• Apps like Snapchat worked right out of the box.
• For the fellow OSINTers, pentesters, and CTI people, the “phone number trick” works with the Contacts app.
• Zero bloatware installed. Only the bare minimum exist at startup. (Calculator, Calendar, Clock, Contacts, Email, Files, Gallery, Music, Settings, and the Android web browser)

Cons, in no particular order:

• Anbox crashes from time to time (see screenshot of the alert in terminal) and is best launched from terminal. It’s far from stable, at least on a vm. We did not test on a physical Linux host, so we don’t know if similar behavior exists there.

• Need to install Google Play Store from a third party. Google Play does not ship naively with Anbox.

• Apps slow to load and use. It may be that we’re only using 6GB of RAM for the vm, but we found navigating through apps clunky.
• Instagram and CashApp won’t load. When they’re launched it only distorts the Anbox Application Manager window and then Anbox crashes. See the screenshot below.

• Launching Snapchat had it’s own set of issues after you login. Any notifications that popped up kind of locked up the app, our webcam wasn’t recognized, and lastly, when browsing for snaps to watch, they weren’t loading.
• Documentation not up to date.
• Github project page [link] shows that any recent updates to maintain the project are over a year old and, as of current, there are 330 issues still open.
• The version of Android used is several versions behind and therefore insecure. “The used image is currently based on Android 7.1.1” [Source: Github]

Our verdict:

While we like the concept of Anbox as an emulator, the cons outweigh the pros for this. Too many things make using it frustrating. While we aren’t developers, we see a lot of work went into this and appreciate what the creators made. At the same time, we can’t recommend this as a viable solution for even personal use. For an average person, they aren’t going to want to go through extra steps or deal with constant crashes. For us that would use this as a tool for intelligence gathering, app development, or pentesting, it’s too unstable to rely on. By using Anbox, you’re also introducing risk into your system since the version of Android used is several versions behind and therefor vulnerable.

In other words, it’s not fully baked yet, but it would be awesome to have something to naively install android apps on a virtual or physical host that fully works.

If you use Anbox, is our review fair or did we miss the mark? Let us know in the contact form. This article will also make it to our socials, so look for it on LinkedIn, Facebook, and Twitter (and follow us if you haven’t).

Also sign up for our free cybersecurity and intelligence newsletter while you’re here: https://bsquaredintel.com/newsletter-signup/