Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:27999
HistoryApr 24, 2012 - 12:00 a.m.

Android information leak

2012-04-2400:00:00
vulners.com
6

Vulnerability Description

We found that any android application can read all world-readable files in
the "/proc" directory without specifying any permissions in their manifest
files. This can leak sensitive information. For example, if the user is not
using a network proxy, a malicious application without any permission to
access the user's browsing history can find the websites the user visits
by simply periodically reading "/proc/net/tcp".

Even if the user uses a network proxy we found that a malicious application
can identify the websites the user visits by periodically monitoring the
browser process's memory usage through "/proc/<pid>/statm" and comparing the
measurements with pre-computed signatures. We also found that a malicious
application can measure the inter key-stroke timings of user's typing by
simply monitoring scheduling statistics from "/proc/<pid>/status".


Credits

Vulnerabilities found and advisory written by Suman Jana and Vitaly Shmatikov.


Reference

http://www.cs.utexas.edu/~suman/publications/oakland12/memento.pdf

"Memento: Learning Secrets from Process Footprints"
by Suman Jana and Vitaly Shmatikov
To appear in IEEE Symposium on Security and Privacy 2012