|
|
|
|
|
|
by georgemcbay
3397 days ago
|
|
|
You don't even need to necessarily own the phone at the kernel level. Things like the Android AccessibilityService APIs are kind of a huge gaping issue if the app uses standard text controls without overriding the View.AccessibilityDelegate event handlers. Of course, this is a bit of a balancing act, because many disabled people legitimately benefit from the accessibility services, but they are like a huge vacuum from which displayed and entered textual data from your application can be sucked out. |
|
|