Hi, I guess the problem is: Where is your attack?
And if you connect your device with your computer: if there is some way to do any damage, would you just "hurt yourself"? greetings, Daniel Eric Dorman wrote: > Ok, um I'll try to cite it. > > Maybe I have this completely wrong. > > "External files can disappear if the user mounts the external storage > on a computer or removes the media, and there's no security enforced > upon files you save to the external storage. All applications can read > and write files placed on the external storage and the user can remove > them." > > -Android Dev Docs > > Say I hooked up my phone to the computer and I wanted to transfer some > files like maybe a media file or something like that. > > Not the best example I know,but I hope it gives you an idea of what I > am thinking. > > > > On Aug 27, 10:13 am, Tauren <[email protected]> wrote: >> I'm still a little confused by your wording. What do you define >> external storage as? Can you cite this area of the dev docs? More >> could you give a better example? >> >> On Aug 27, 10:03 am, Eric Dorman <[email protected]> wrote: >> >> >> >>> Hey Tauren, >>> It would be a attack from the computer to the phone in some sort of >>> file transfer. >>> I guess what I am trying to say is what if a user connects the device >>> into the computer and has files on the computer that he wants to >>> transfer to the device via a USB Mass Storage? >>> I believe from the dev docs that it said external files can disappear >>> if the user puts the external storage on the computer. >>> I hope I am not confusing anyone or asking a dumb question. >>> I am just curious. :D >>> On Aug 27, 9:40 am, Tauren <[email protected]> wrote: >>>> Is this an attach on the phone itself via the sdcard? or an attack on >>>> the computer? For an attack on the computer to occur the software >>>> often needs to be run, which from the sdcard shouldn't happen. As >>>> for attacking the phone I'll leave that up to the experts but I >>>> suspect that the phone won't just run stuff. If its a vulnerable >>>> document of some sort like say a PDF then it comes down to the user >>>> and knowing not to open things he shouldn't. >>>> On Aug 27, 9:21 am, Eric Dorman <[email protected]> wrote: >>>>> Hey guys, >>>>> I have recently been reading up on the External Storage Documentation >>>>> and I have a question that I wanted to address before I made any >>>>> assumptions. :D >>>>> If you can write files to lets say the SD Card then if the user >>>>> connects his/her device into a computer then couldn't the External >>>>> Storage be vulnerable to some kind of security attack on the files in >>>>> the External Storage System that have been saved? >>>>> I am not sure if this would count as a vulnerability,but I thought I'd >>>>> ask before I go and report it. :( > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
