SoylentNews is people
SoylentNews
Submitted via IRC for SoyCow1937
A team of Oxford and Cambridge researchers is the latest to join a chorus of voices sounding the alarm on a new attack vector named Intra-Library Collusion (ILC) that could make identifying Android malware much harder in the upcoming future.
The research team has described the ILC attack vector in a research paper released last month and named "Intra-Library Collusion: A Potential Privacy Nightmare on Smartphones."
An ILC attack relies on threat actors using libraries to deliver malicious code, instead of standalone Android apps packed with all the malicious commands.
Apps usually require permissions for all the operations they need to perform. An ILC attack relies on spreading the malicious actions across several apps that use the same library(ies).
Each app gets different permissions, and malicious code packed in one app could use shared code from other apps — with higher privileges — to carry out malicious operations.
The advantage — for malware authors — is that investigators analyzing a compromised devices would see the breadth of malicious activities, but would exclude certain apps as the infection's source because they do not possess all the permissions needed to execute the attack.
(Score: 2) by Runaway1956 on Tuesday September 12 2017, @05:01PM (8 children)
So - I'm thinking - on a multiuser system, it's the user, not the app, that is assigned permissions. Super User and/or Root have all these magical permissions, while, I, a mere user, am restricted in many ways. SU uses some of the same libraries that I use, sometimes, even at the same time. But the system doesn't get confused, and grant me SU powers because we are using the same libraries.
Trying to assign permissions to libraries seems a damned half assed way to address security issues. Did they just take all of Microsoft's worst ideas, and try to make them even worse?
How about we all just decide NOT to install random apps, published by unknown, faceless people, about whom we know NOTHING.
Oh hell, that's just to simple a solution. Everyone needs bling on their little electronic screen.
(Score: 2, Funny) by fustakrakich on Tuesday September 12 2017, @05:12PM
Everyone needs bling on their little electronic screen.
Well, the weather apps are nice, if they could predict the weather...
And the need for Solitaire? I would hope that goes without mentioning...
La politica e i criminali sono la stessa cosa..
(Score: 1, Touché) by Anonymous Coward on Tuesday September 12 2017, @05:15PM
>So - I'm thinking - on a multiuser system, it's the user, not the app, that is assigned permissions.
But on mobile, user is the product, while app distributors are customers. A different ownership model.
(Score: 5, Funny) by DannyB on Tuesday September 12 2017, @05:45PM
That would be unwise indeed. Microsoft patented all of its worst ideas. Taking them, let alone modifying them, would surely invite a patent infringement lawsuit.
To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.
(Score: 0) by Anonymous Coward on Tuesday September 12 2017, @05:54PM (3 children)
Take a look at the sudo binary. It's got the setuid flag set and is owned by root. This is why, when you sudo something, whatever you run, runs as root. Sudo just validates a password and if successful, runs the binary you tell it to run in its own context (i.e. as user 0 - root)
(Score: 0) by Anonymous Coward on Tuesday September 12 2017, @07:40PM
And them what?
(Score: 2) by maxwell demon on Tuesday September 12 2017, @08:00PM (1 child)
That's not a library.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 0) by Anonymous Coward on Wednesday September 13 2017, @01:53AM
Indeed, but it is permissions assigned to code, as opposed to the thing that invokes the code.
(Score: 2) by Nerdfest on Tuesday September 12 2017, @05:54PM
They do assign permissions based on user, but every app has a different userid. Not sure how this works, or whether it's just a bug or a serious architectural failing.