Cloak and Dagger - From Two Permissions to Complete Control of the UI Feedback Loop

Explore a critical security vulnerability in Android's permission system presented at the 2017 IEEE Symposium on Security & Privacy. Delve into how the SYSTEM_ALERT_WINDOW and BIND_ACCESSIBILITY_SERVICE permissions can be exploited to gain complete control of the UI feedback loop, enabling devastating attacks such as credential theft and silent installation of malicious apps. Learn about the design shortcomings in Android that make these attacks possible, their effectiveness in fooling users, and the challenges in addressing these vulnerabilities. Discover a proposed defense mechanism to protect Android users and developers from these threats. Gain insights into the importance of understanding permission capabilities and the potential consequences of underestimating seemingly innocuous permissions.

Intro
Permissions
Why Permissions
Clean Check Attacks
Invisible Grid Attack
The Problem
Phishing Attack
Dronetop
How to fix it
Conclusion
Questions