Sneaky devs could abuse shared libraries to slurp smartphone data | The Register

Sneaky devs could abuse shared libraries to slurp smartphone data; Richard Chirgwin; In The Register; 2017-08-04.
Teaser: Privilege escalation is baked in to mobile OSes, if you look for it

Original Sources

Vincent F. Taylor, Alastair R. Beresford, Ivan Martinovic; Intra-Library Collusion: A Potential Privacy Nightmare on Smartphones; 2017-08-11; 17 pages; arXiv:1708.03520

Mentions

  • Intra-Library Collusion (ILC)
  • Combined set of permissions across all instantiations of the library.
  • Privilege Separation

Comments are closed.