Vulnerabilty to Android Apps With no Permissions
Wednesday, April 11, 2012, Modified: Wednesday, April 11, 2012 Refs
http://leviathansecurity.com/blog/archives/17-Zero-Permission-Android-Applications.html
"The first privileged access area is the SD Card. Every application has at least read-only access to the contents of this external storage ... Secondly, I can fetch the /data/system/packages.list file ... The third action I was able to take was to grab identifiable information about the device itself ... there is one network call that can be made without any permissions: the URI ACTION_VIEW Intent opens a browser."

Try Buffer, a smarter way to share links and pictures by spreading your tweets and posts out over time. Sign up from this link and we both get extra features.

Buffer
Home :: Items