Alastair R. Beresford
ABSTRACT
MockDroid is a modified version of the Android operating system which allows a user to 'mock' an application's access to a resource. This resource is subsequently reported as empty or unavailable whenever the application requests access. This approach allows users to revoke access to particular resources at run-time, encouraging users to consider the trade-off between functionality and the disclosure of personal information whilst they use an application. Existing applications continue to work on MockDroid, possibly with reduced functionality, since existing applications are already written to tolerate resource failure, such as network unavailability or lack of a GPS signal. We demonstrate the practicality of our approach by successfully running a random sample of twenty-three popular applications from the Android Market.
- http://bits.blogs.nytimes.com/2010/01/05/apples-app-store-tops-3-billion-downloads/. Retrieved 17th October 2010.Google Scholar
- http://docs.blackberry.com/en/developers/deliverables/11944/CS_Using_the_Location_API_using_JavaScript_898722_11.jsp. Retrieved 22th October 2010.Google Scholar
- http://www.apple.com/ipad/features/app-store.html. Retrieved 17th October 2010.Google Scholar
- http://www.guardian.co.uk/technology/blog/2010/oct/06/facebook-privacy-phone-numbers-upload. Retrieved 20th October 2010.Google Scholar
- L. Desmet, W. Joosen, F. Massacci, P. Philippaerts, F. Piessens, I. Siahaan, and D. Vanoverberghe. Security-by-contract on the .net platform. Information Security Technical Report, 13(1):25--32, 2008. Google ScholarDigital Library
- W. Enck, P. Gilbert, B. gon Chun, L. P. Cox, J. Jung, P. McDaniel, and A. N. Sheth. Taintdroid: An information-flow tracking system for realtime privacy monitoring on smartphones. In Proceedings of the 9th Usenix Symposium on Operating Systems Design and Implementation, pages 393--408, August 2010. Google ScholarDigital Library
- A. Popescu. Geolocation API Specification. Technical report, W3C, February 2010. http://dev.w3.org/geo/api/spec-source.html Retrieved 22nd October 2010.Google Scholar
Index Terms
- MockDroid: trading privacy for application functionality on smartphones
Recommendations
Privacy as part of the app decision-making process
CHI '13: Proceedings of the SIGCHI Conference on Human Factors in Computing SystemsSmartphones have unprecedented access to sensitive personal information. While users report having privacy concerns, they may not actively consider privacy while downloading apps from smartphone application marketplaces. Currently, Android users have ...
Enhancing security enforcement on unmodified Android
SAC '13: Proceedings of the 28th Annual ACM Symposium on Applied ComputingAndroid OS have several security vulnerabilities. Most of existing proposals require extensive modification of Android kernel or application framework. So, they are not feasible for end users which use stock Android OS. In this paper, we present a novel ...
Notify Assist: Balancing Privacy and Convenience in Delivery of Notifications on Android Smartphones
WPES '17: Proceedings of the 2017 on Workshop on Privacy in the Electronic SocietyToday, notifications have become a popular medium for mobile applications to inform users about a variety of events. Android supports lock screen notifications to aid the convenience of users in viewing notification content. To address privacy concerns, ...
Comments