Reply to post: Re: Have I gone senile?

Sneaky devs could abuse shared libraries to slurp smartphone data

Anonymous Coward
Anonymous Coward

Re: Have I gone senile?

Its not, what this is about is using shared libraries means that the library creator can embed crap into it that can mean that when its used across multiple applications all with different permissions means that the creator can end up with more access than anyone application has granted.

One app can have been given access to you phone book, as this library is embedded in this app, it also has access to your phone book (android cant limit access to the library, it on the app only). Now you install a second app which includes this same library, it gets given access to your texts. Now this library and thus the creator of the library now has the possibility to access to you phone book and texts.

What this is about is say facebook creating these super libraries that do all these great things, people use it in their apps. People then install them and grant limited permissions, but as they have many apps installed with many different permissions facebooks library ends up with them all when combined. This library can be written to send this limited data from each application back to facebook and be combined to be greater than each individual application could have provided.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon