|
|
|
|
|
|
by blinkingled
3872 days ago
|
|
|
You should really read this Usenix paper - https://www.usenix.org/system/files/conference/usenixsecurit... . What you are not understanding or ignoring is that iOS apps (over 250) that were App Store approved were able to retrieve personal user data including email addresses by reverse engineering the names of the private APIs and using message passing. Android sure has private APIs and you can access those but you're still restricted to the permissions you asked for. For example you need to declare android.permission.GET_ACCOUNTS permission to get the user's primary email. Not on iOS apparently where they rely on manual review to ensure you are not calling the Private API - which fails as can be seen in the Chinese AD SDK fiasco I posted. So no Android runtime isn't a security risk as much as iOS private APIs are - your app gets a broad set of permissions on iOS by default and you can do clever trickery to call private APIs to collect personal info and who knows what else without the user knowing. Android needs your app to ask for that permission first (and at runtime on M)- you aren't calling a private method on Android without declaring the necessary permission to get what you want without user interaction. |
|
|
I have read it. It describes an attack on the app review process, i.e. a trojan. Their apps require the user to grant privileges. For example, their GreetingCard app requests access to the user's address book, and the user has to grant it.
> iOS apps (over 250) that were App Store approved were able to retrieve personal user data including email addresses
This is not true. Here's the blog: https://sourcedna.com/blog/20151018/ios-apps-using-private-a...
The data they collected was list of installed apps, serial numbers, and some sort of AppleID numeric identifier. In particular, they did not (could not) collect email addresses.
It's bad that the SDK was collecting this stuff, but this data is fairly innocuous. Last I checked, Android provides information like the list of installed apps and various serial numbers without requiring elevated permission.
If you think it's possible to get the user's email address through an iOS private API, I challenge you to tell me what that private API is.
> For example you need to declare android.permission.GET_ACCOUNTS permission to get the user's primary email. Not on iOS apparently
This is wrong. On iOS, the only way to access the user's email is through the Address Book framework, which prompts the user at the time of access.
> your app gets a broad set of permissions on iOS by default
This is completely false. iOS has a comprehensive on-demand permissions model, which is widely recognized as better than the install-time permission model on Android. This is why Android is switching to iOS style on-demand permissions in Marshmallow.
> you aren't calling a private method on Android without declaring the necessary permission
Please stop confusing private methods with elevated permissions. You CAN call private methods without elevated permissions, as my code above demonstrates.