(no title)
xigma | 7 years ago
That new malicious app then gets to somehow have more permissions than the original malicious app or the installer.
Guys, that's an Android bug. This is exactly the kind of thing that needs to be fixed at an OS level, you can't be relying on the competence of arbitrary developers to maintain the security of the system.
Of course it's an opportunity for Google to use their own broken security model as an argument on why apps should only come from their own "curated" channels (which presumably also host the malware exploiting this). It just so happens to be their source of revenue...
UncleMeat|7 years ago
There are two ways to fix this. One is to not permit dynamic code loading or app installs off the Play Store. This is Apple territory and pisses people the hell off. The other is to not have any world writable filesystem at all. I guess you could do this, but this messes with features surrounding music and pictures that you do want to share between apps.
Epic literally could have used the private filesystem that is right there just for the purpose of having files that are protected from other apps.
xigma|7 years ago
It should not be possible for an application that happens to install other applications to bypass the user for specific permissions. The user must be asked explicitly.
This has nothing to do with being able to "sideload" apps or not. Sideloading apps is actually possible on iOS, it's just such an effort (getting a developer account) that it's rarely done in practice.
HillaryBriss|7 years ago
According to Google issue tracker: "This patch changes the default APK storage directory from external to internal storage, which should prevent MITD attacks during the install flow."
https://issuetracker.google.com/issues/112630336#comment5