答复: [android-security-discuss] SEND_SMS without any permission

[Tong]

You’d better read their paper about capability leaks in advance to
understand this problem

 

http://www.csc.ncsu.edu/faculty/jiang/pubs/NDSS12_WOODPECKER.pdf

 

 

 

Tong

http://www.mobile-app-insight.org

 

发件人: android-security-discuss@googlegroups.com
[mailto:android-security-discuss@googlegroups.com] 代表 babysnow
发送时间: 2012年12月6日 8:14
收件人: android-security-discuss@googlegroups.com
主题: [android-security-discuss] SEND_SMS without any permission

 

Prof. Xuxian Jiang's group announced a new security loophole of Android.

It can use the functionalities provided by SEND_SMS without any permission. 

See: 

 http://www.csc.ncsu.edu/faculty/jiang/send_sms_leak.html

 

I am not a hacker and I am purely out of interest. How can they achieve
SEND_SMS without any permission?

 

-- 
You received this message because you are subscribed to the Google Groups
"Android Security Discussions" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/android-security-discuss/-/X4Rd9M5m7J4J.
To post to this group, send email to
android-security-discuss@googlegroups.com.
To unsubscribe from this group, send email to
android-security-discuss+unsubscr...@googlegroups.com
<mailto:android-security-discuss+unsubscr...@googlegroups.com> .
For more options, visit this group at
http://groups.google.com/group/android-security-discuss?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
"Android Security Discussions" group.
To post to this group, send email to android-security-discuss@googlegroups.com.
To unsubscribe from this group, send email to 
android-security-discuss+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/android-security-discuss?hl=en.