It was recently claimed that the Facebook app on Android phones accessed messages sent through other apps, and uploaded them to Facebook. This occurred because the Facebook app was not appropriately confined.
This problem is not unique to Facebook’s app. Most apps request access privileges to data and hardware devices on smart phones, without specifying what specific data or hardware they need to access to perform their task.
ECS 153, Computer Security
Version of April 6, 2018 at 10:55AM
|You can also obtain a PDF version of this.