[kayo_20211030]

> "The most straightforward way to do this would involve having physical access to a victim's phone as well as their system password or another exploitable vulnerability that would allow them to make changes to settings."

If I have all that, why would I need a second level vulnerability? In fairness, the Wired piece might be technically correct, but it does seem overblown; a nice fluffy PR piece rolled up with clickbait.

[gruez]

It's a preloaded app with possibly privileged permissions (ie. permissions that apps you install normally can't get), so it's possibly worse than what you can normally achieve via physical access. I checked the iVerify report[1], and it doesn't look like such permissions exist, but I'd appreciate more elaboration about the actual vulnerability from grapheneos's debunking post, rather than spending half the article ranting about how various entities are bad.

[1] https://40052983.fs1.hubspotusercontent-na1.net/hubfs/400529...

[hiatus]

Even if it has more permissions than a normal app, if you have the password and unrestricted local access to the phone you can already put it in debugging mode and connect to it via adb.

[gruez]

Permissions with protectionLevel of "signature|privileged" can't be granted with adb, so having such an app installed would give you more access than you can get via adb.

https://developer.android.com/reference/android/R.attr#prote...

[hiatus]

Thank you, I did not know that.