Wednesday, November 17, 2010

Have we involuntarily granted partial wiretapping for our android phone?

There are a lot of android apps that require RAED_PHONE_STATE permission. Many of them have legit reason to do so, as they need to manage the audio and microphone state to avoid conflict with incoming calls.
Unfortunately, this simple permission also enables evil apps to obtain many of your personal info that you never want to give out.
From TelephonyManager, any evil app could obtain your phone’s IMEI or ESN, phone number, SIM number and operator, etc.
Do you also realize that an evil app (with long running background service) can also do passive wiretapping? The following sample code demonstrates the recording of all incoming phone numbers.
  TelephonyManager mgr = (TelephonyManager)getSystemService(Context.TELEPHONY_SERVICE);
  mgr.listen(new PhoneStateListener() {
         public void onCallStateChanged(int state, String incomingNumber) {
             super.onCallStateChanged(state, incomingNumber);
             if (state == TelephonyManager.CALL_STATE_RINGING) {
      }, PhoneStateListener.LISTEN_CALL_STATE);
Should we pay more attention now when we grant RAED_PHONE_STATE permission while installing apps?

No comments:

Post a Comment