Thread: Holy cow, we have been dirty for 9 years
View Single Post
ste-phan's Avatar
ste-phan is offline ste-phan
2016-10-24 , 09:16
Posts: 1,197 | Thanked: 2,710 times | Joined on Jan 2010 @ Hanoi
#16
Originally Posted by eccerr0r View Post
Well, it looks like kernel 3.10 and later are the "easy to exploit" so it sounds like we might be semi-safe on Maemo. Still worrysome.

I have yet to try this on my android phone, then again I don't use my android phone that much.

In any case you don't need permissions to run the dirty cow exploit, it's just regular code (but it looks like you may need multithreading enabled as well as being able to write to your own address space through /proc.)

In android I wish it were possible to fine grain control all the functions that they say on those "XYZ needs access to ABC"...

Just let them install, but the user gets to control whether XYZ actually gets to use feature ABC.

Even better, return garbage information.

Now that's what I wish could be done.
About your wish, I once "secured" a Note 2 where I have installed XPrivacy.
It does exactly what you say: let stuff install, pop up with questions after install allowing you to decide for yourself
A.nd to leave things working as they should, it reportedly feed garbage dummy information to the agressor app.

So I get Viber running without address book access.

If I remember correctly, the thing had to be rooted and something called Exposed framework had to be installed. It is not my favorite activity and I hope one day this becomes much easier and straight forward to install.
But once you get Xprivacy running, you feel a big relief, I can tell you that
 

The Following User Says Thank You to ste-phan For This Useful Post: