Tech

Android 13 Puts A Lid On Malicious Apps That Abuse Accessibility Access

Credit: Esper

Google comprehensively vets apps listed on the Play Store that require the use of accessibility features, but that safety protocol is not implemented for apps that are downloaded as an APK file from the web. Google is not going to enable the limitation for all sideloaded apps though, as the company is only targeting applications downloaded from shady and less legitimate sources. It is unclear if there’s an internal database that categorizes third-party app repositories as legitimate or risky, but there’s one parameter that will come in handy at making the judgment. And that parameter is the session-based package installation API. Rahman notes that “this installation method is usually used by app stores to provide a more seamless experience.”

Apps that require accessibility processes but have been installed from a source that does not implement the session-based package installation system will have the accessibility privilege disabled by default. In a nutshell, users won’t be able to grant accessibility privileges to shady sideloaded apps, even if they want to. The scrutiny begins with the Files by Google app, which analyses whether an app’s APK package falls in line with the session-based package installation guidelines. Once implemented in Android 13, malicious apps seeded via a suspicious webpage or SMS link will have their accessibility freedom curtailed, preventing them from performing harmful tasks like stealing sensitive information.

Source: Esper

Content

Android 13 Puts A Lid On Malicious Apps That Abuse Accessibility Access

Credit: Esper
Google comprehensively vets apps listed on the Play Store that require the use of accessibility features, but that safety protocol is not implemented for apps that are downloaded as an APK file from the web. Google is not going to enable the limitation for all sideloaded apps though, as the company is only targeting applications downloaded from shady and less legitimate sources. It is unclear if there’s an internal database that categorizes third-party app repositories as legitimate or risky, but there’s one parameter that will come in handy at making the judgment. And that parameter is the session-based package installation API. Rahman notes that “this installation method is usually used by app stores to provide a more seamless experience.”
Apps that require accessibility processes but have been installed from a source that does not implement the session-based package installation system will have the accessibility privilege disabled by default. In a nutshell, users won’t be able to grant accessibility privileges to shady sideloaded apps, even if they want to. The scrutiny begins with the Files by Google app, which analyses whether an app’s APK package falls in line with the session-based package installation guidelines. Once implemented in Android 13, malicious apps seeded via a suspicious webpage or SMS link will have their accessibility freedom curtailed, preventing them from performing harmful tasks like stealing sensitive information.
Source: Esper

#Android #Puts #Lid #Malicious #Apps #Abuse #Accessibility #Access

Tài Chính Kinh Doanh

Business Finance - Synthesize economic and financial news, market price news, insurance news.... Start-up investment opportunities, business cooperation and loan guidance. #taichinhbusiness #taichinh #tintuctaichinh #tintucbaohiem Contact Info: Website: https://taichinhquangdoanh.info/ Mail: Address: 63-47 To Hien Thanh Ward, Le Dai Hanh, Hai Ba Trung, Hanoi, Vietnam

Trả lời

Email của bạn sẽ không được hiển thị công khai. Các trường bắt buộc được đánh dấu *

Back to top button