This Android OS vulnerability affects all major mobile phone manufacturers.

In the early years, Android's big disadvantage compared with iOS was security. Because of its open nature, many third-party applications on early Android abused all kinds of permissions, stealing user privacy and degrading the phone experience. In recent years, however, Google has stepped up its efforts, and Android's permission management has become stricter.

Recently, Magisk developer topjohnwu posted on XDA that he had found a system vulnerability on many Android phones that lets third-party applications bypass user authorization and monitor the processes of other applications. If abused, it could be used to steal user privacy.

Specifically, on Unix-based operating systems, third-party applications can view the running status of other applications and services through the procfs file system, and Android is no exception. Starting with Android 7.0, however, Google locked down access to procfs for security reasons.

If a third-party application wants to view the processes of other applications, it needs to use the Usage Status or Accessibility Service API, and using these interfaces requires permission from the user. In effect, Google put a lock on the original capability and handed the key to the user.

However, although Google's own devices strictly follow this specification, many Android vendors have not followed suit. A large number of phones running Android 8.0 and 9.0 do not lock the procfs file system, so third-party applications can bypass user authorization and access information about other applications.
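
The article does not name the mechanism behind the procfs lock; on Linux kernels it is the `hidepid` mount option on `/proc`, which Android 7.0 and later set to 2. The following check is an added example, not topjohnwu's code, and its sample mount lines are constructed.

```shell
#!/bin/sh
# Added example (not from the article). Classifies the procfs mount from
# /proc/mounts-format text on stdin: device mountpoint fstype options dump pass.

# Constructed sample lines, for illustration only.
SAMPLE_LOCKED='rootfs / rootfs ro,seclabel 0 0
proc /proc proc rw,relatime,gid=3009,hidepid=2 0 0'
SAMPLE_OPEN='rootfs / rootfs ro,seclabel 0 0
proc /proc proc rw,relatime 0 0'

# Prints one of: locked, partial, open, no-proc
hidepid_state() {
    state="no-proc"
    while read -r _dev mnt fstype opts _rest; do
        if [ "$fstype" != "proc" ] || [ "$mnt" != "/proc" ]; then
            continue
        fi
        # Wrap the option list in commas so each option matches as a whole token.
        case ",$opts," in
            *,hidepid=2,*|*,hidepid=invisible,*|*,hidepid=4,*|*,hidepid=ptraceable,*)
                state="locked" ;;   # /proc/<pid> entries of other users are hidden
            *,hidepid=1,*|*,hidepid=noaccess,*)
                state="partial" ;;  # PIDs are listed but their contents are unreadable
            *)
                state="open" ;;     # kernel default (hidepid=0): everything visible
        esac
    done
    printf '%s\n' "$state"
}

printf 'locked sample: %s\n' "$(printf '%s\n' "$SAMPLE_LOCKED" | hidepid_state)"
printf 'open sample:   %s\n' "$(printf '%s\n' "$SAMPLE_OPEN" | hidepid_state)"
```

On a device under test, `hidepid_state < /proc/mounts` from an adb shell reports the state of the real mount; a result of `open` on Android 7.0 or later indicates the vendor build lacks the restriction the article describes.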

After gathering statistics, topjohnwu found that apart from Google, very few vendors lock procfs on their phones: only Samsung, Motorola and Sony. Other Android vendors are all affected.

It should be noted, however, that the vulnerability is not particularly serious, and the harm a third-party developer can cause with it is still very limited, so there is no need to worry too much. Some third-party applications may not be exploiting it deliberately; the developer may simply not have noticed the problem.

In the end, though, this vulnerability still reflects the fragmentation problem in the Android ecosystem. Even when the system version keeps up, security may not. Android is an open system, and Google plays more of a leading and demonstrative role; it cannot force third-party vendors to make changes.
