so (shared library!)-based obfuscation/protection runtime. :( FWIW, there are "interestinger" obfuscators than Proguard out there. I once wondered how a random Chinese smart-device companion app worked internally, and found that it shipped with a. "Find why this wants all these permissions" is a sadly very open-ended question from this low-level perspective. Like with IDA, you generally need a very good idea of exactly what you want to do when using it. JADX is generally the tool people mostly use to fight their way through this status quo. Given this state of commoditization it's often a good question whether an app's symbols are available or not. Once enabled by just changing a couple build settings to "true", obfuscation Just Works™ without any additional steps. If a given app isn't using obfuscation, you might be able to see some symbol names however. Android Studio adds the Proguard obfuscator (which ships for free with 'Studio) into the build instructions of every new project by default, but switched off by default to make builds faster. Control flow is generally always somewhat permuted in much the same way pseudo-decompiled C code doesn't quite look the same as the original. In practice a reasonable number of Chrome extensions incidentally aren't minified and contain perfectly readable source, sometimes even with comments (which is great for figuring out how other developers have solved certain complex integration problems :D) - but the bytecode-based nature of the Java runtime means you're always working with some level of minification. You're basically in an equivalent situation to wondering why a given Chrome extension might be asking for a certain permission, only to download the CRX, unzip it, and find everything minified. I'd be a bit bullish that APKTool on its own would be useful. With the ahead-of-time way things work nowadays.
Android's trying to go down a just-in-time model where for example something requests access to storage as and when needed; this contextualizes and thus justifies the request, allowing for more informed consent. So not only is the mapping from policy to implementation a case of a pile of arrows all pointing at each other, the permissions model is really just about enabling access to APIs ahead-of-time so they can be used when needed. For example, a given game might want access to your "cell ID information" because the analytics SDK it uses is overly invasive (while the game itself never needs the info), while a smart-device controller app might request "real-time location information" (I forget exactly what the permission is called) just so it can enable Bluetooth (!) to actually connect to your smart whatever. To make matters worse, the very orthogonal way permissions are categorized relative to internal API architecture is woefully unintuitive at best, making it next to impossible to come up with good summary judgements of what a given app might be trying to do. It can be a tad misrepresentative, like a wall of text devoid of formatting can be scary to reason about. basically reason about the ceiling of everything an app might use across its lifetime. IIUC, the permissions apps request ultimately just enable access to certain APIs; they don't do anything on their own. Heh, mine's "after I count to infinity twice" :) I can't remember if I cribbed that from somewhere.