/?pid=google-camera-flaw-android-21302

Updated:05:47 PM EDT May 20
this is ggmania.com subsite

NEWS
rss feed 
 
top 100
archive
ARTICLES
CD/DVD tools
Free Antivir
Security
Drivers
Utilities
FORUMS
LINKS


(C) 2006-2025 TechAmok Independent
All Rights Reserved.


 
 Google Camera Flaw (Android) - TechAmok

Google Camera Flaw (Android) - [security]
03:53 PM EST - Nov,19 2019 - post a comment

The thought of a stranger hijacking your camera and being able to see what you are doing without your knowledge is the stuff of nightmares for most people. Our phones tend to follow us into every area of our lives. Checkmarx decided to see if the cameras that are built into Android phones might be vulnerable to hacking. For their testing, the team took a Pixel 2 XL and Pixel 3 smartphone and began to probe the Google Camera app. The team found that there were a number of "concerning vulnerabilities" in the Google Camera app. They also found that the same vulnerabilities impact the camera apps of other smartphone vendors in the Android ecosystem. They specifically cited Samsung's camera app as vulnerable. The team found in testing that by manipulating specific actions and intents, an attacker can control the app to take photos and record photos through a rogue process that should have no permission to do so. Checkmarx also notes that it found specific attack scenarios that could enable malicious actors to circumvent various storage permission policies to give them access to stored videos and photos along with GPS metadata embedded in photos; that data could be parsed to locate the user. One way the researchers found enabled a rogue application to force the camera to take pictures and record videos even if the phone is locked or the screen turned off. The researchers were able to force video and images to be taken even when the user was in the middle of a voice call. Allowing an app to receive input from the camera, mic, and GPS location is highly invasive, according to Google (or course). The team was able to design an attack scenario that circumvents the permission policy by abusing the Google Camera app itself. The vulnerability has to do with giving permissions to external storage, which provides an app with access to the entire SD card. The team says that when activated during a voice call, the hacker could record the voices on both ends of a conversation. Checkmarx says that it has already notified Google of its findings, and the company updated vulnerable versions of the Camera App in July 2019.

Short overview of recent news articles

I Got the Golden GPU from Dubai (May,20 2025 )

Windows 10 emergency update KB5061768 fixes BitLocker boot loops - (May,19 2025 )

2025 AUDI S5 AVANT // 0-100 100-200 TOP SPEED POV & SOUND (May,19 2025 )

Jurassic World Rebirth - Official 'Alert' Teaser Trailer (2025) (May,18 2025 )

F1 25 and F1 The Movie hand in hand (May,18 2025 )

Everyone is Cooling Their PC Wrong (May,17 2025 )

M5 KILLER? Testing the MERCEDES E63S AMG! (May,16 2025 )

Samsung Fully Reveals 5.8mm-Thick Galaxy S25 Edge (May,16 2025 )

Apple Intros New Accessibility Apps, Plus Accessibility "Labels" (May,16 2025 )

Americana - Official Trailer (2025) Sydney Sweeney, Halsey, Simon (May,16 2025 )

Aston Martin x Apple CarPlay Ultra - Next generation of automotive (May,16 2025 )

Google TAG deleted 23,000+ YouTube channels in January, February, (May,15 2025 )

NVIDIA GeForce Game Ready 576.40 WHQL Driver Released (May,14 2025 )

F1 - Official Trailer #2 (2025) Brad Pitt, Damson Idris, Kerry (May,13 2025 )

The Old Guard 2 - Official Trailer (2025) Charlize Theron, KiKi (May,11 2025 )

I think I know why Ryzen 9000 Series CPUs are Dying...(!) (May,11 2025 )

Is Windows Defender good enough in 2025? (May,10 2025 )

AMD Adrenalin 25.5.1 Driver Released for Doom: The Dark Ages (May,09 2025 )

Ripple SEC Grip OVER, XRP Freedom of USE, Market MODE BULL RUN (May,09 2025 )

"Is x86 Actually Screwed?" ft. Wendell of Level1 Techs - (May,08 2025 )

Android's New Design Guidelines Leaked (May,07 2025 )

Grand Theft Auto VI trailer #2 (May,06 2025 )

Microsoft's Dirty Secret: Your Old PC is Now Trash! (May,05 2025 )

No Noise Cancelling? GOOD. Unboxing the nwm One Headphones & First (May,04 2025 )

NEW! 2025 Audi S5 (367hp) | 0-258 km/h acceleration (May,04 2025 )

Bugatti Bolide vs Nurburgring. 1825 HorsePower Insanity (May,02 2025 )

This will be the largest tech Yard Sale EVER! Insanely low prices on (May,01 2025 )

Skoda Kodiaq RS 245 // 0-100 100-200 TOP SPEED POV & SOUND (May,01 2025 )

Disable or Uninstall Windows Recall to Protect Your Data Privacy (May,01 2025 )

A new Alternative to Nextcloud? OpenCloud presented and local (May,01 2025 )

NVIDIA GeForce Hotfix Driver 576.26 Available (Apr,29 2025 )

2025 Porsche 911 992.2 GTS T HYBRID | SOUND 0-100 100-200 200-300 & (Apr,28 2025 )

We Made Perfect Thermal Paste in a Factory, ft. Der8auer | Made In (Apr,28 2025 )

Cyber Security Company CEO Arrested for Installing Malware on (Apr,28 2025 )

This Kid Made his Own Laptop and it's AMAZING! (Apr,27 2025 )

How is this SO CHEAP? - Ubiquiti Cloud Gateway Fiber (Apr,26 2025 )

Ripple president on stablecoins, Trump and tokenization (Apr,26 2025 )

T-Mobile Launches 5G Advanced (Apr,26 2025 )

540HP BMW E46 M3 5.0 V10 // 300KMH REVIEW on AUTOBAHN (Apr,25 2025 )

Has Nvidia Given Up? (Apr,25 2025 )

AMD Software Adrenalin 25.4.1 Beta Drivers Released (Apr,23 2025 )

Stop Paying for Cloud Storage: How I Built My Own Photo Backup (Apr,23 2025 )

Wednesday: Season 2 - Official Teaser Trailer (Apr,23 2025 )

Everything You Need To Know About Windows 10 LTSC (Apr,23 2025 )

Do NOT use Distilled Water for your Water Cooling Loop! (Apr,22 2025 )

Intel Improves 285K Performance with a Big Update (Apr,22 2025 )

FERRARI 812 GTS // REVIEW on AUTOBAHN (Apr,20 2025 )

Meta Disables Apple Intelligence in Facebook and Other Apps (Apr,19 2025 )

Change these Windows Settings for a smarter PC (Apr,19 2025 )

How a malware pdf hacked 4chan (Apr,19 2025 )

>> News Archive <<

TechAmok - Privacy Policy        loading time:0.01secs