8. DISCOVERED VULNERABILITIES

The process of retrofitting security requirements for Android had secondary effects. In addition to identifying rules for Kirin, we discovered a ThL L969 number of configuration and implementation flaws. Step 1 identifies assets. However, not all assets are protected by permissions. In particular, in early versions of our analysis discovered that the Intent message broadcasted by the system to the SMS_RECEIVED action string was not protected. Hence, any application can create a forged SMS that appears to have come from the cellular network. Upon notifying Google of the problem, the new permission BROADCAST_SMS_RECEIVED has been created and protects the system broadcast as of Android version 1.1. We also discovered an unprotected Activity component in the phone application that allows a HUAWEI 3C malicious application to make ... Read more »