Daniel Micay on Twitter: "@bertjwregeer @securityfu @carrickdb @halvarflake Apps can obviously read the system libraries that are part of the public API on iOS too. Why not retract the clearly false and uninformed statement? Leaving it up to mislead people while knowing that it's so clearly wrong is dishonest. There's definitely a strong app sandbox." / Twitter

What the actual fuck? How is this not a violation of my privacy expectations, and how is this justified?

Quote Tweet

Aug 30, 2019

Facebook scans system libraries from their Android app user’s phone in the background and uploads them to their server This is called "Global Library Collector" at Facebook, known as "GLC" in app’s code It periodically uploads metadata of system libraries to the server

Show this thread

40

336

767

This Tweet was deleted by the Tweet author. Learn more

Replying to

and

Apps can obviously read the system libraries that are part of the public API on iOS too. Why not retract the clearly false and uninformed statement? Leaving it up to mislead people while knowing that it's so clearly wrong is dishonest. There's definitely a strong app sandbox.

8:22 PM · Aug 31, 2019Twitter Web App

Replying to

The SELinux policy has to go out of the way to mark libraries that are part of the public API as accessible to apps. There are out-of-band updates to libraries via apks too, but they'll always end up near the latest version and those have verified boot too. It's not identifying.

1

Replying to

I don't know why you claim that apps have read access to everything. They have read access to very little. They can access an extremely tiny subset of /proc (a subset of information for their own processes), essentially none of /sys (a couple specific APIs), none of debugfs, etc.

1

Show replies

Conversation