Association for Computing Machinery
The design of Android is based on a set of unprotected shared resources, including those inherited from Linux (e.g., Linux public directories). However, the dramatic development in Android applications (app for short) makes available a large amount of public background information (e.g., social networks, public online services), which can potentially turn such originally harmless resource sharing into serious privacy breaches. In this paper, the authors report their work on this important yet understudied problem. They discovered three unexpected channels of information leaks on Android: per-app data-usage statistics, ARP information, and speaker status (on or off).