Applications Permissions

Applications permissions are a widespread coarse-grained way to limit applications' access to sensitive information, for example sound recorded by microphone, and valuable resources, like the battery, internet traffic and account balance. They are implemented in major state of the art PDA operation systems (Android, iOS, Windows), web browsers and web services providing an OAuth API.

Mobile devices

The list of available permissions usually contains accessing.:^[1]^[2]

geolocation
- GNSS (GPS, GLONASS, QZSS)
- system providers, using trilateration to nearby wireless networks, though it is possible to implement providers utilising other sensors, like microphone, accelerometer, gysoscope and barometer and an online DB of ambient measurements
sensors and their identifiers and characteristics
- camera
- microphone
- biometric sensors used for identification and authentication, like fingerprint sensor
- biometric sensors used for medical and fitness purposes, like heart rate sensor
- unfortunately, other sensors, such as gyroscope, accelerometer, barometer, temperature, light, proximity, voltmeter, ampermeter are usually not behind permissions, even though they pose major privacy and security risks.^[3]^[4]^[5]^[6]^[7]^[8] This can be partially fixed with additional software, like XPrivacy.
internet access
wired and wireless interfaces access, including their hardware identifiers and signal strength where applicable
- WiFi
- BlueTooth
- 3G
- 4G
- NFC
- infrared port
- USB
making and receiving phone calls
sending and reading SMS
account to make in-app purchases
showing own GUI elements over other apps' GUI
installing, deleting and otherwise managing applications
changing device settings, including ...
enabling and disabling wireless interfaces
accessing storage
authentication tokens (i.e. OAuth ones) of web services stored in system storage for sharing them between apps
accessing dedicated interfaces registered by other apps, like
- contacts
- calendars, events and appointments
- superuser access on rooted devices (not quite a permission since it is used only for showing in GUI that the app uses root, lot of apps using su don't have this permission)
- push-services interfaces

On Android <6 permissions are not usually revokable, though there is AppOps mechanism in some OSes (it's usually present in vanilla Android and aftermarket OSes, but usually removed in stock OSes) allowing to deprive apps access to some personal data. In Android >=6 apps can request permissions in run time, but this requires app developer collaboration (developer is free to use non-runtime permissions only and the app will likely crash if permission is not granted and the ones not granting the permission is not a target audience of an app) ^[9] and some permissions marked as permissions in previous versions of the OS, like internet access, are non-revocable and are not even show on apps installation. This can be fixed with XPrivacy.

On iOS usage of permissions is regulated using the guidelines.^[10]

In Android ecosystem usage of permissions is often abused in order to spy on users, many applications require as much permissions as they can and monetize by integrating libraries by advertising networks, showing ads and spying on users to bstter target them.

WebPermissions

WebPermissions is a permission system for web browsers. When a web application needs some data behind a permission, it must request it first. When it does it, a user sees a window asking him to make a choice. The choice is remembered, but can be cleared lately.

Currently the following resources are controlled:

geolocation^[11]
desktop notifications^[12]
service workers^[13]^[14]
sensors
- audio capturing devices,^[15] like soundcards, and their model names and characteristics
- video capturing devices,^[15] like cameras, and their identifiers and characteristics

Analysis

In some cases permissions are implemented in 'all-or-nothing' approach: a user either has to grant all the requested permissions to an app, or be unable to use the app. Even if a user can revoke a permission, the app can blackmail a user by refusing to operate, for example just crashing. There are some solutions, such as XPrivacy, which instead of providing access to the requested data instead of throwing an exception and crashing an app returning disinformation to make an app operate as if the permission was granted. It is also possible to use static analysis to analyze the requested permissions.^[16]

References

↑ "Manifest.permission - Android Developers". https://developer.android.com/reference/android/Manifest.permission.html.
↑ "iOS Security Guide". https://www.apple.com/business/docs/iOS_Security_Guide.pdf.
↑ Michalevsky, Yan; Boneh, Dan; Nakibly, Gabi (2014). "Gyrophone: Recognizing Speech from Gyroscope Signals" (PDF). USENIX Security Symposium 23: 1053–1067. ISBN 978-1-931971-15-7. https://crypto.stanford.edu/gyrophone/files/gyromic.pdf.
↑ https://cse.sc.edu/~wyxu/719Spring12/papers/US-vibr-Phone.pdf
↑ Michalevsky, Yan; Nakibly, Gabi; Schulman, Aaron; Veerapandian, Gunaa Arumugam; Boneh, Dan (2015-02-10). "PowerSpy: Location Tracking using Mobile Device Power Analysis". arXiv:1502.03182 [cs.CR].
↑ Mosenia, Arsalan; Dai, Xiaoliang; Mittal, Prateek; Jha, Niraj (2017). "PinMe: Tracking a Smartphone User around the World". IEEE Transactions on Multi-Scale Computing Systems: 1. doi:10.1109/TMSCS.2017.2751462. ISSN 2332-7766.
↑ Hua, Jingyu; Shen, Zhenyu; Zhong, Sheng (2015-05-22). "We Can Track You If You Take the Metro: Tracking Metro Riders Using Accelerometers on Smartphones". arXiv:1505.05958 [cs.CR].
↑ Guri, Mordechai; Daidakulov, Andrey; Elovici, Yuval (2018-02-07). "MAGNETO: Covert Channel between Air-Gapped Systems and Nearby Smartphones via CPU-Generated Magnetic Fields". arXiv:1802.02317 [cs.CR].
↑ "Runtime Permissions - Android Open Source Project". https://source.android.com/devices/tech/config/runtime_perms.
↑ Inc., Apple. "Requesting Permission - App Architecture - iOS Human Interface Guidelines". https://developer.apple.com/ios/human-interface-guidelines/app-architecture/requesting-permission/.
↑ "Geolocation API Specification 2nd Edition". https://www.w3.org/TR/geolocation-API/.
↑ "Notifications API Standard". https://notifications.spec.whatwg.org/.
↑ "Push API". https://www.w3.org/TR/push-api/.
↑ "Web Background Synchronization". https://wicg.github.io/BackgroundSync/spec/.
↑ ^15.0 ^15.1 "Media Capture and Streams". https://w3c.github.io/mediacapture-main/.
↑ Bartel, Alexandre; Klein, Jacques; Le Traon, Yves; Monperrus, Martin (2012). Automatically securing permission-based software by reducing the attack surface: an application to Android. doi:10.1145/2351676.2351722. https://hal.archives-ouvertes.fr/hal-00726196/document.

0.00

(0 votes)

[1] "Manifest.permission - Android Developers". https://developer.android.com/reference/android/Manifest.permission.html.

[2] "iOS Security Guide". https://www.apple.com/business/docs/iOS_Security_Guide.pdf.

[3] Michalevsky, Yan; Boneh, Dan; Nakibly, Gabi (2014). "Gyrophone: Recognizing Speech from Gyroscope Signals" (PDF). USENIX Security Symposium 23: 1053–1067. ISBN 978-1-931971-15-7. https://crypto.stanford.edu/gyrophone/files/gyromic.pdf.

[4] ttps://cse.sc.edu/~wyxu/719Spring12/papers/US-vibr-Phone.pdf

[5] Michalevsky, Yan; Nakibly, Gabi; Schulman, Aaron; Veerapandian, Gunaa Arumugam; Boneh, Dan (2015-02-10). "PowerSpy: Location Tracking using Mobile Device Power Analysis". arXiv:1502.03182 [cs.CR].

[6] Mosenia, Arsalan; Dai, Xiaoliang; Mittal, Prateek; Jha, Niraj (2017). "PinMe: Tracking a Smartphone User around the World". IEEE Transactions on Multi-Scale Computing Systems: 1. doi:10.1109/TMSCS.2017.2751462. ISSN 2332-7766.

[7] Hua, Jingyu; Shen, Zhenyu; Zhong, Sheng (2015-05-22). "We Can Track You If You Take the Metro: Tracking Metro Riders Using Accelerometers on Smartphones". arXiv:1505.05958 [cs.CR].

[8] Guri, Mordechai; Daidakulov, Andrey; Elovici, Yuval (2018-02-07). "MAGNETO: Covert Channel between Air-Gapped Systems and Nearby Smartphones via CPU-Generated Magnetic Fields". arXiv:1802.02317 [cs.CR].

[9] "Runtime Permissions - Android Open Source Project". https://source.android.com/devices/tech/config/runtime_perms.

[10] Inc., Apple. "Requesting Permission - App Architecture - iOS Human Interface Guidelines". https://developer.apple.com/ios/human-interface-guidelines/app-architecture/requesting-permission/.

[11] "Geolocation API Specification 2nd Edition". https://www.w3.org/TR/geolocation-API/.

[12] "Notifications API Standard". https://notifications.spec.whatwg.org/.

[13] "Push API". https://www.w3.org/TR/push-api/.

[14] "Web Background Synchronization". https://wicg.github.io/BackgroundSync/spec/.

[w3c.github.io-15] 15.0 ^15.1 "Media Capture and Streams". https://w3c.github.io/mediacapture-main/.

[BartelKlein2012-16] Bartel, Alexandre; Klein, Jacques; Le Traon, Yves; Monperrus, Martin (2012). Automatically securing permission-based software by reducing the attack surface: an application to Android. doi:10.1145/2351676.2351722. https://hal.archives-ouvertes.fr/hal-00726196/document.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

[16]