Conversation

Notices

  1. mcc (mcc@mastodon.social)'s status on Thursday, 16-Jan-2025 04:29:25 JST

    I am about to install an app from the Play Store on my phone (Android 13, up-to-date, not Samsung). I kind of actively mistrust this app, at the level of "this may or may not contain a nation-state-adversary payload". Are there any proactive measures I can take to prevent this app from escaping Android app containment?

    • Rich Felker (dalias@hachyderm.io)'s status on Thursday, 16-Jan-2025 04:30:14 JST
      in reply to
      • Graham Sutherland / Polynomial

      @gsuberland @mcc 🤷 App Ops seems to work for me.

    • Graham Sutherland / Polynomial (gsuberland@chaos.social)'s status on Thursday, 16-Jan-2025 04:30:15 JST
      in reply to

      @mcc annoyingly stock android still doesn't let you say no to most of the permissions that apps demand on install, barring a few exceptions, and because they're not designed to assume that a permission can be denied the apps will usually just crash if you do somehow manually tweak stuff to turn the permissions off.

    • Graham Sutherland / Polynomial (gsuberland@chaos.social)'s status on Thursday, 16-Jan-2025 04:30:16 JST
      in reply to

      @mcc "use a VPN" solves no actual threat model here, it's just an incantation made up by VPN company marketing

      "use a second device" is cumbersome, costly, and in most cases probably doesn't fit with the reason you wanted to install the app in the first place

      "use grapheneOS" and similar are pretty high effort and mostly recommended by people who have never actually done this, or the kinds of people who run an ancient ThinkPad with CoreBoot to ward away Intel CSME

    • Graham Sutherland / Polynomial (gsuberland@chaos.social)'s status on Thursday, 16-Jan-2025 04:30:18 JST
      in reply to

      @mcc i was recently pondering this too and didn't find a good solution (or really any solution that didn't read like shallow value-add marketing from security vendors)

    • Rich Felker (dalias@hachyderm.io)'s status on Thursday, 16-Jan-2025 04:38:43 JST
      in reply to
      • Graham Sutherland / Polynomial

      @mcc @gsuberland Not entirely because it can't stop exploits against Android's flaky platform where you have no idea if permissions are actual access control boundaries enforced by NSA^H^H^HSELinux mechanisms or just pretend controls enforced only by Java APIs...

    • mcc (mcc@mastodon.social)'s status on Thursday, 16-Jan-2025 04:38:44 JST
      in reply to
      • Graham Sutherland / Polynomial
      • Rich Felker

      @dalias @gsuberland So is App Ops your recommendation to my original question? Also I think Graham is saying that App Ops may work but the targeted app may stop working if you use it.

    • Rich Felker (dalias@hachyderm.io)'s status on Thursday, 16-Jan-2025 04:42:17 JST
      in reply to
      • Graham Sutherland / Polynomial

      @mcc @gsuberland App Ops is my recommendation if you're just trying to block an otherwise vaguely trustworthy app from accessing stuff you don't want it to. Not as a hard security boundary against a hardcore malicious app.

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.