- cross-posted to:
- hackernews@derp.foo
- cross-posted to:
- hackernews@derp.foo
You must log in or # to comment.
Clickbaity headline to scare you for no reason with an easily detectable behavior. If a white box suddenly appears on top of all my other apps I would get really suspicious and start to uninstall apps until it went away.
That says, I do agree with the conclusion that granting permission to draw over other apps is dangerous.
The author proceeds to style the overlay like a toast, making it much less obvious than the ever-present white square. I wouldn’t dismiss it so easily.
I tested the demo app. Interestingly, the attack doesn’t work on samsung oneui 5, as mentioned in the article. Where even stock android 14 is vulnerable to this attack.