
Access rights. Thanks to telecom operators!

No one can be trusted! Android always asks for a set of rights to access various services on your phone. Always. Well, almost.


As it turned out, the permission-checking subsystem can be broken. And phone manufacturers and telecom operators are the ones breaking it. At the moment, it is known that the Motorola Droid X and Samsung Epic 4G have a flaw in their firmware that allows the confirmation requests for sending SMS, recording calls, and so on to be suppressed. The guys from the University of North Carolina (America) quickly found the source of the problem: applications pre-installed by the operator. Apparently, when leaving a hole "for their own", the developers did not consider that "their own" can differ. As a result, we can assume that such holes are present in all firmware from telecom operators.

Google and Motorola have already acknowledged the bug, while HTC and Samsung are still silent.

The problem is that the operators removed the permission request for their own applications, with which subsidized phones are generously stuffed. Now it is enough to sign your application with the same certificate (which, as experience has shown, is not that difficult) and you get an app that the system treats as “not requiring access confirmations”.
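
A defender's view of the signature issue described above, as an added example that is not from the original article: it takes a package inventory and lists pre-installed apps holding SMS or audio-recording permissions, plus any user-installed app signed with the same certificate as a firmware app. The inventory format, package names and fingerprints are constructed assumptions.

```python
from collections import defaultdict

# Permissions behind the prompts the article mentions (SMS sending, recording).
SENSITIVE = {"android.permission.SEND_SMS", "android.permission.RECORD_AUDIO"}

# Constructed inventory: (package, install path, signer fingerprint, permissions).
# Package names and the shortened fingerprints are invented sample values.
INVENTORY = [
    ("com.operator.selfcare", "/system/app", "AA11", {"android.permission.SEND_SMS"}),
    ("com.operator.voicemail", "/system/app", "AA11", {"android.permission.RECORD_AUDIO"}),
    ("com.vendor.clock", "/system/app", "DD44", set()),
    ("com.example.flashlight", "/data/app", "AA11", {"android.permission.SEND_SMS"}),
    ("com.example.sms", "/data/app", "CC33", {"android.permission.SEND_SMS"}),
    ("com.example.notes", "/data/app", "BB22", set()),
]

def is_preinstalled(path):
    # Assumption: firmware apps live under /system, user installs elsewhere.
    return path.startswith("/system/")

def audit(inventory):
    """Return (privileged pre-installed apps, user apps sharing their signer)."""
    by_signer = defaultdict(list)   # signer fingerprint -> firmware packages
    privileged = []                 # firmware apps holding sensitive permissions
    for pkg, path, signer, perms in inventory:
        if is_preinstalled(path):
            by_signer[signer].append(pkg)
            if perms & SENSITIVE:
                privileged.append((pkg, sorted(perms & SENSITIVE)))
    collisions = []
    for pkg, path, signer, perms in inventory:
        # A user-installed app with a firmware signer inherits that trust.
        if not is_preinstalled(path) and signer in by_signer:
            collisions.append({
                "package": pkg,
                "shares_signer_with": sorted(by_signer[signer]),
                "sensitive": sorted(perms & SENSITIVE),
            })
    return privileged, collisions

if __name__ == "__main__":
    privileged, collisions = audit(INVENTORY)
    for pkg, perms in privileged:
        print("review pre-installed:", pkg, perms)
    for hit in collisions:
        print("signer shared with firmware apps:", hit)
```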



Interestingly, such a blunder may not affect Russia at all. We simply do not have subsidized phones or the concept of "operator firmware". But I have bad news…

The researchers also noted that the Android Market does not check certificates. developers.android.com says so in plain text:

“You can use self-signed certificates to sign your applications. No certificate authority is needed.”

This means that the gifts can be handed out directly from the Market. Merry Christmas to all!

P.S. A full description of the vulnerability, with examples, is available here.

Source: https://habr.com/ru/post/133921/

