(peabee.substack.com)

1192 points gniting | 1 comments | 29 Mar 25 21:26 UTC | HN request time: 0.229s | source

Show context

captn3m0 ◴[30 Mar 25 02:37 UTC] No.43520750[source]▶

>>43518866 (OP) #

The ACTION_MAIN loophole has been written about before: https://commonsware.com/blog/2020/04/05/android-r-package-vi...

Google refuses to patch this. I wonder what would happen if you submit it to the Android VDP as a permission bypass.

There’s also this SO question by the author about the bypass: https://stackoverflow.com/q/79527331

replies(5): >>43520922 #>>43521144 #>>43521275 #>>43522877 #>>43525081 #

3abiton ◴[30 Mar 25 04:13 UTC] No.43521275[source]▶

>>43520750 #

> Google refuses to patch this.

That's why projects like XPL-Extended (and previously XPrivacyLua), are an absolute need. I never run an android phone without these.

replies(2): >>43522389 #>>43524918 #

1. rollcat ◴[30 Mar 25 15:27 UTC] No.43524918[source]▶

>>43521275 #

> If there is one leap that the infosec community consistently fails to make, it is this: people who are not like me, who have different needs and priorities, who have less time or are less technical, STILL DESERVE PRIVACY AND SECURITY.

https://hachyderm.io/@evacide/114184706291051769

↑

Everyone knows all the apps on your phone