[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Android information leak

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Android information leak
From: sumanj@xxxxxxxxx
Date: Wed, 11 Apr 2012 05:26:30 GMT

----------------------------
Vulnerability Description
----------------------------

We found that any android application can read all world-readable files in 
the "/proc" directory without specifying any permissions in their manifest 
files. This can leak sensitive information. For example, if the user is not 
using a network proxy, a malicious application without any permission to 
access the user's browsing history can find the websites the user visits 
by simply periodically reading "/proc/net/tcp". 

Even if the user uses a network proxy we found that a malicious application 
can identify the websites the user visits by periodically monitoring the 
browser process's memory usage through "/proc/<pid>/statm" and comparing the 
measurements with pre-computed signatures. We also found that a malicious 
application can measure the inter key-stroke timings of user's typing by 
simply monitoring scheduling statistics from "/proc/<pid>/status". 

--------
Credits
--------

Vulnerabilities found and advisory written by Suman Jana and Vitaly Shmatikov.

-----------
Reference
-----------
http://www.cs.utexas.edu/~suman/publications/oakland12/memento.pdf

"Memento: Learning Secrets from Process Footprints"
by Suman Jana and Vitaly Shmatikov
To appear in IEEE Symposium on Security and Privacy 2012

Prev by Date: [ MDVSA-2012:055 ] samba
Next by Date: Multiple XSS vulnerabilities in All-in-One Event Calendar Plugin for WordPress
Previous by thread: [ MDVSA-2012:055 ] samba
Next by thread: Multiple XSS vulnerabilities in All-in-One Event Calendar Plugin for WordPress
Index(es):
- Date
- Thread