/?pid=google-camera-flaw-android-21302

Updated:06:50 PM EDT Nov 01
this is ggmania.com subsite

NEWS
rss feed 
 
top 100
archive
ARTICLES
CD/DVD tools
Free Antivir
Security
Drivers
Utilities
FORUMS
LINKS


(C) 2006-2025 TechAmok Independent
All Rights Reserved.


 
 Google Camera Flaw (Android) - TechAmok

Google Camera Flaw (Android) - [security]
03:53 PM EST - Nov,19 2019 - post a comment

The thought of a stranger hijacking your camera and being able to see what you are doing without your knowledge is the stuff of nightmares for most people. Our phones tend to follow us into every area of our lives. Checkmarx decided to see if the cameras that are built into Android phones might be vulnerable to hacking. For their testing, the team took a Pixel 2 XL and Pixel 3 smartphone and began to probe the Google Camera app. The team found that there were a number of "concerning vulnerabilities" in the Google Camera app. They also found that the same vulnerabilities impact the camera apps of other smartphone vendors in the Android ecosystem. They specifically cited Samsung's camera app as vulnerable. The team found in testing that by manipulating specific actions and intents, an attacker can control the app to take photos and record photos through a rogue process that should have no permission to do so. Checkmarx also notes that it found specific attack scenarios that could enable malicious actors to circumvent various storage permission policies to give them access to stored videos and photos along with GPS metadata embedded in photos; that data could be parsed to locate the user. One way the researchers found enabled a rogue application to force the camera to take pictures and record videos even if the phone is locked or the screen turned off. The researchers were able to force video and images to be taken even when the user was in the middle of a voice call. Allowing an app to receive input from the camera, mic, and GPS location is highly invasive, according to Google (or course). The team was able to design an attack scenario that circumvents the permission policy by abusing the Google Camera app itself. The vulnerability has to do with giving permissions to external storage, which provides an app with access to the entire SD card. The team says that when activated during a voice call, the hacker could record the voices on both ends of a conversation. Checkmarx says that it has already notified Google of its findings, and the company updated vulnerable versions of the Camera App in July 2019.

Short overview of recent news articles

Battlefield REDSEC - Official Live-Action Trailer (Nov,01 2025 )

What's the Best PC Upgrade (besides CPU/GPU)? (Nov,01 2025 )

Directive 8020 - RTX On Trailer (Oct,31 2025 )

Stranger Things 5 - Official Trailer (Oct,30 2025 )

AMD Releases Software Adrenalin Edition 25.10.2 WHQL Drivers (Oct,29 2025 )

Exploding AMD CPUs | Investigating ASRock's Murderboards (Oct,29 2025 )

Setting Up Our First Huge Gaming Event was CHAOS (Oct,29 2025 )

Malware of the Future: What an infected system looks like in 2025 (Oct,27 2025 )

F1: Race Highlights | 2025 Mexico City Grand Prix (Oct,27 2025 )

F1: Qualifying Highlights | 2025 Mexico City Grand Prix (Oct,26 2025 )

New Big Windows 11 25H2 October Update - New Taskbar Battery Icons (Oct,25 2025 )

Apple Prepping 'Transfer to Android' Feature, Including 3rd-Party (Oct,25 2025 )

HW News - RIP Internet, RAM Prices Skyrocket from AI Demand, Intel (Oct,24 2025 )

Retro Gaming PC Upgrades go WRONG! (Oct,21 2025 )

How social media has ruined us - the more time you spend online, the (Oct,21 2025 )

FERRARI 12 CILINDRI // 340KMH REVIEW on AUTOBAHN (Oct,20 2025 )

ROG Xbox Ally X - a PC Gamer's Perspective (Oct,20 2025 )

Race Highlights | 2025 United States Grand Prix (Oct,20 2025 )

RedMagic Puts Liquid Cooling in its New Gaming Phone (Oct,18 2025 )

Russia Says U.S. Is Planning a $37 Trillion Crypto Reset (Oct,18 2025 )

Tor Browser says no to Firefox's AI features as it removes them (Oct,18 2025 )

NVIDIA GeForce 581.57 WHQL Driver (Oct,14 2025 )

Samsung One UI 8.5 vs iOS 26 - COMPARISON (Oct,13 2025 )

Google Turned Down by Supreme Court, Must Open up App Payments (Oct,12 2025 )

AMD releases new 25.10.1 preview graphics driver with Battlefield 6 (Oct,10 2025 )

MERCY Official Trailer (2026) Chris Pratt (Oct,10 2025 )

Galaxy S26 Ultra - Samsung, Please Don't Copy This (Oct,07 2025 )

Canada's Las Vegas Sphere is here - and I game on it (Oct,06 2025 )

Predator: Badlands - Official Final Trailer (2025) (Oct,06 2025 )

Chasing a Gaming World Record (Oct,04 2025 )

Frankenstein - Official Trailer (2025) Guillermo del Toro, Oscar (Oct,02 2025 )

iPhone 17 Pro Max vs 16 Pro Max / Pixel 10 Pro XL / Galaxy S25 Ultra (Oct,02 2025 )

iOS 26.0.1 is Out! - What's New? (Sep,30 2025 )

NEW! 2026 Audi Q3 2.0 TFSI (265hp) vs. e-hybrid (272hp)| 0-100 km/h (Sep,30 2025 )

Samsung One UI 8.5 Hands on - I Was Wrong (Sep,29 2025 )

iPhone Air Teardown - What is 3D Printed Titanium? (Sep,28 2025 )

Nvidia Wouldn't Send Me This $30,000 GPU - H200 Holy $H!T (Sep,28 2025 )

The Astronaut - Official Trailer (2025) Kate Mara, Laurence (Sep,27 2025 )

iPhone 17 Durability Test -- What Scratches are Permanent? (Sep,25 2025 )

iPhone 17 Pro Max vs. Galaxy S25 Ultra Drop Test! (Sep,23 2025 )

Race Highlights: A Swing In The Drivers' Title Fight? | 2025 (Sep,21 2025 )

BYD Yangwang U9 Hits 496.22 KM/H - EV Supercar Speed Record (Sep,21 2025 )

I'm FIRST to Unbox The World's Biggest TV (Sep,21 2025 )

Samsung Begins Rollout of Android 16 to Rest of Lineup (Sep,21 2025 )

iOS 26 Now Available, with Visual Intelligence (Sep,21 2025 )

Apple's iPhone 17 Series is Nearly Hack-Proof (Sep,21 2025 )

Qualifying Highlights - 2025 Azerbaijan Grand Prix (Sep,21 2025 )

iPhone 17 Pro vs Samsung S25 Ultra Camera Comparison! (Sep,20 2025 )

iPhone Air Durability test -- I AM SHOCKED (Sep,20 2025 )

Microsoft warns Office 2016/2019 users to switch to the cloud as (Sep,15 2025 )

>> News Archive <<

TechAmok - Privacy Policy        loading time:0.01secs