Hacker News new | ask | show | jobs
by iguana 4348 days ago
It could be used as part of the process, for example to access a URL with an android exploit on it that the user would not normally visit. It could also detect periods of inactivity, or high background noise. This is a real attack vector not worth dismissing.
1 comments
diminoten 4348 days ago
No doubt, I just think the fact that the user is going to interfere with any direct exfiltration ruins this as a stand-alone attack.

Your idea, however, is exactly the "missing piece" to this attack.

link