Reply to post: Re: To quote the piece. "featured a proof of concept rootkit for the Binder component"

Bad news, fandroids: He who controls the IPC tool, controls the DROID

Michael Wojcik Silver badge

Re: To quote the piece. "featured a proof of concept rootkit for the Binder component"

"featured a proof of concept rootkit for the Binder component"

Yes, but from their paper (linked to in the article):

Most importantly, all the techniques described in this paper require running with root permissions.

The concept they're proving is that "if you can get access to Binder messages, you can do a lot of stuff". They demonstrate keylogging, form interception, SMS interception, and so on - but all of their exploits require root.

As others have said above (though I'm not sure any of the people making this claim actually looked at the slides or read the paper), this talk was very much about why the Binder is a juicy target for malware authors, and not about actual vulnerabilities that exist today. While there may well be such vulnerabilities, the authors do not describe any.

In short, it's "look at this whopping great attack surface!".

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019