> App security for other platforms generally involves code analysis to see what it does, rather than denying access to APIs. But Google made a decision to restrict APIs ...
oh, you would simply statically analyze the javascript to know if it's bad. intriguing
Conversation
You’re unable to view this Tweet because this account owner limits who can view their Tweets. Learn more
Replying to
my understanding is that there is some very simple tooling that notes if there are obvious violations of app store policy, so not entirely manual
2
6
Replying to
Android has a whole bunch of APIs where consent has to be requested from the user but Play Store has policies covering when you're allowed to request it. To make review easier, they add under the hood non-user-facing permissions (non-dangerous permissions) for static analysis.
1
3
It means they can check the app manifest to determine whether those things are being requested from users and then they can enforce the policies.
Similarly, they like adding those under-the-hood non-dangerous permissions when there isn't a complete privacy/security model.
1
3
For example, the low-level QUERY_ALL_PACKAGES allows listing and querying info about apps in the same user profile. An app without the permission can determine the apps installed in the profile by manually listing queries or using indirect ways of obtaining the information.
1
2
They don't currently consider it a complete implementation that's meant to enforce any real privacy properties. It could eventually reach that point and become a user-facing permission. Until then, it's used as a static analysis aid for review apps because it does cover most.
1
4
Both Apple and Google do a lot of incomplete / inaccurate static and dynamic analysis of the apps too. Historically, the Play Store didn't have nearly as much review and Android actually ended up implementing stricter technical enforcement of privacy/security rules in many cases.
1
2
Apple used to be strong believers in enforcing most things via strict app review and often requiring developers got permission from Apple to use something (entitlements) rather than users. They both ended up with roughly the same approach from different directions now though.