Events‎ > ‎Uqbar Workshop'13‎ > ‎Schedule‎ > ‎

Modification to the Android operating system’s resource control

Oradores: Ayelen Chavez y Joaquín Rinaudo

Android is an well known mobile OS. In order to install an application, a user must previously agree with all its required permissions. If their wants to deny any of those permissions, the application will not be installed. Once it is installed, Android validates the app only accesses to those resources it was allowed to, but there’s no way to change those permission afterwards.
For the lack of a better implementation, we developed an application that controls access to the resources we consider of main importance for the user’s privacy and safety point of view.
Instead of retrieving fake or anonymous data, we retrieve a user defined subset of the data an application is asking for. This way, we guarantee a better user experience; the controlled application doesn't crush when we restrict it to access a subset of the original data and it works as expected because it's not a "non crushing" application using empty or fake data (we considered it may have no sense to use, for example, using WhatsApp with an empty contact's list).
We’ve accomplished control access to contacts, data that allows a device and it's owner to be unambiguous identified such as its id, subscriber id, sim card and phone number, device's network information such us its ip, mac, the SSID and BSSID of the AP it is connected, the configured and scanned networks and, finally, we control every way an application can know the user's device location, not only using the gps but also the cell towers and configured wireless networks.