The Nexus
24 Aug 2014 | 2 min. (310 words)


http://www.cs.ucr.edu/~zhiyunq/pub/sec14_android_activity_inference.pdf

No doubt about that: we are about to hear again about how Android is an inherently insecure OS. It does not matter that the same algorithm would likely work on other mobile devices or, for that matter, any OS.

It’s a clever attack. Well, the “theft” bits of it (invisible activity or photo hijacking) are pretty standard but the first part, the activity detection one, is pretty smart.
Note that it’s nothing new though; simply a mix of computer forensics and a timing attack.

So, how do you protect your data?

In short: it’s not too bad. Read on.

Bad news: there is not much you can do, at this point, to prevent the “active” part of the attack. It is easy to open a transparent activity, as opposed to a transparent screen overlay, which requires a special set of permissions that MIUI, for instance, denies by default.

Conceivably, though, if your phone is rooted, it would be fairly trivial to write an Xposed module that displays a Toast like:

switching to app_blah
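
One way such a module could look, as an added example that is not code from the original post. It uses the Xposed bridge API; the package and class names are hypothetical, and it assumes every app calls through to Activity.onStart/onStop as the framework requires.

```java
// Added example: package and class names are hypothetical.
package com.example.fgnotifier;

import android.app.Activity;
import android.widget.Toast;
import java.util.concurrent.atomic.AtomicInteger;
import de.robv.android.xposed.IXposedHookLoadPackage;
import de.robv.android.xposed.XC_MethodHook;
import de.robv.android.xposed.XposedHelpers;
import de.robv.android.xposed.callbacks.XC_LoadPackage.LoadPackageParam;

public class ForegroundNotifier implements IXposedHookLoadPackage {
    // Xposed loads the module into every app process, so this state is per process.
    private static final AtomicInteger started = new AtomicInteger();
    private static boolean hooked = false;

    @Override
    public void handleLoadPackage(LoadPackageParam lpparam) {
        // A process can host several packages; install the hooks only once.
        synchronized (ForegroundNotifier.class) {
            if (hooked) return;
            hooked = true;
        }
        XposedHelpers.findAndHookMethod(Activity.class, "onStart", new XC_MethodHook() {
            @Override
            protected void afterHookedMethod(MethodHookParam param) {
                // 0 -> 1 started activities: this app has just become visible.
                // A transparent activity opened by another app also lands here,
                // because it is the first started activity in its own process.
                if (started.incrementAndGet() == 1) {
                    Activity a = (Activity) param.thisObject;
                    Toast.makeText(a, "switching to " + a.getPackageName(),
                            Toast.LENGTH_SHORT).show();
                }
            }
        });
        XposedHelpers.findAndHookMethod(Activity.class, "onStop", new XC_MethodHook() {
            @Override
            protected void afterHookedMethod(MethodHookParam param) {
                // Moving between activities of the same app never reaches 0,
                // since the new activity starts before the old one stops.
                started.decrementAndGet();
            }
        });
    }
}
```

To load as a module, the class also has to be listed in assets/xposed_init and the APK manifest needs the xposedmodule meta-data entry. A rotation restarts the activity, so the Toast will also show after a configuration change.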

Good news, though, regarding the detection bit: as is often the case, I believe that this experiment can only be reproduced in a tightly controlled environment.
If your device has a different screen resolution/density; if you use an alternate keyboard (in some cases); if you are using a customized ROM; (insert here other factors that would change your activity’s signature); then you are now dramatically lowering the odds that this exploit will work at all.
These videos are impressive but keep in mind that they were made using the researchers’ own devices, not your device.

I am not saying that you are safe, though. I am simply pointing out that this is definitely not a trivial attack and I am sure that as soon as my fellow XDA-ers start giving it some thought, a workaround will become available.
