Thats the point, the 2 apps need to know about each other. If they were not designed in the first place to communicate or its interfaces were protected (which is how it should be done), then there is no possibility of a covert channel.
But this opens an interesting scenario. I have 2 apps, one of which legitimately needs an internet connection, for example, a chat client. It publishes an unprotected interface over which other apps can make network requests. Then other trojans can be installed that wouldn't require network permissions since the first one provides the service. Maybe this is the form of collusion that the OP was talking about. David, Interesting paper. -Earlence On Apr 13, 1:03 am, Chris Palmer <[email protected]> wrote: > > I think they were trying to constraint it that that the apps don't > > have android.permission.WRITE_EXTERNAL_STORAGE and only one had internet > > permission and presumably want to know if its possible to use Binder based > > RPC. but yes, I assume one app can publish as a service and the other could > > bind to it. not sure if any permissions are needed for that. > > Right, you can set up a no-Permission-required Service or other > Binder-based IPC. > > Note that even if an app doesn't have INTERNET, it can still talk to > the internet. My Lookout published some mechanisms for doing this at > Black Hat last year. -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
