Hi All, Can the Android model of displaying the permissions required for an particular application be bypassed?
Read this article recently at: http://www.csoonline.com/article/659764/shmoocon-2011-your-android-s-dirty-little-secret It is mentioned in the article that: "They were able to bypass the permission approval process and steal the authentication token from the Android AccountManager." Is this feasible? Does this means, prior to installation not all permissions will be shown to users? Or an application will be downloaded and installed in the background without user's awareness? Thanks In Advance, Perumal -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
