http://www.cs.ucr.edu/~zhiyunq/pub/sec14_android_activity_inference.pdf
No doubt about that: we are about to hear again about how Android is an inherently insecure OS. It does not matter that the same algorithm would likely work on other mobile devices or, for that matter, any OS.
It’s a clever attack. Well, the “theft” bits of it (invisible activity or
photo hijacking) are pretty standard but the first part, the activity
detection one, is pretty smart.
Note that it’s nothing new though; simply a mix of computer forensics and a
timing attack.
So, how do you protect your data?
In short: it’s not too bad. Read on.
Bad news: there is not much you can do, at this point, to prevent the “active” part of the attack. It is easy to open a transparent activity, unlike a transparent screen overlay, which requires a special set of permissions that MIUI, for instance, denies by default.
Conceivably, though, if your phone is rooted, it would be fairly trivial to write an Xposed module that displays a Toast like:
switching to app_blah
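A sketch of the module idea above, added here as an example and not code from the original post or from the paper. The package and class names are hypothetical, and it assumes the transparent activity is declared through the windowIsTranslucent theme attribute.

```java
package com.example.activitytoast; // hypothetical package name

import android.app.Activity;
import android.content.res.TypedArray;
import android.widget.Toast;

import de.robv.android.xposed.IXposedHookZygoteInit;
import de.robv.android.xposed.XC_MethodHook;
import de.robv.android.xposed.XposedHelpers;

/**
 * Hypothetical Xposed module: announces every activity that reaches the
 * foreground, so an activity opened by an unexpected package is visible.
 * The class name must be listed in the module's assets/xposed_init file.
 */
public class ActivityToast implements IXposedHookZygoteInit {

    @Override
    public void initZygote(StartupParam startupParam) throws Throwable {
        // Hooking in Zygote covers every app process forked afterwards.
        // Activity subclasses must call super.onResume(), so this fires for all.
        XposedHelpers.findAndHookMethod(Activity.class, "onResume", new XC_MethodHook() {
            @Override
            protected void afterHookedMethod(MethodHookParam param) {
                Activity activity = (Activity) param.thisObject;
                String message = "switching to " + activity.getPackageName();
                if (isTranslucent(activity)) {
                    // Assumption: transparency comes from the theme attribute.
                    message += " (transparent: " + activity.getClass().getSimpleName() + ")";
                }
                Toast.makeText(activity, message, Toast.LENGTH_SHORT).show();
            }
        });
    }

    /** True when the activity's theme sets android:windowIsTranslucent. */
    private static boolean isTranslucent(Activity activity) {
        TypedArray attrs = activity.getTheme()
                .obtainStyledAttributes(new int[] {android.R.attr.windowIsTranslucent});
        try {
            return attrs.getBoolean(0, false);
        } finally {
            attrs.recycle();
        }
    }
}
```

The toast fires on every resume, including navigation inside a single app, so the signal to look for is a package name that does not match the app you believe you are using.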
Good news, though, regarding the detection bit: as is often the case, I
believe that this experiment can only be reproduced in a tightly controlled
environment.
If your device has a different screen resolution/density; if you use an
alternate keyboard (in some cases); if you are using a customized ROM; (insert
here other factors that would change your activity’s signature); then you are
now dramatically lowering the odds that this exploit will work at all.
These videos are impressive but keep in mind that they were made using the
researchers’ own devices, not your device.
I am not saying that you are safe, though. I am simply pointing out that this is definitely not a trivial attack and I am sure that as soon as my fellow XDA-ers start giving it some thought, a workaround will become available.