A bug in Android Q allows all applications to spy on a user

Android Q allows all applications

The permission system, which appeared on Android several years ago, was designed to limit applications that often grab privileges that were not intended for them. Thanks to it, users got the opportunity to prohibit installed software access to their location, messages and other information. However, the permission mechanism was so inconspicuous that many users, without paying attention, distributed to the applications all the permissions that they requested. Then Google decided to finalize it but made it worse.

In the fifth beta version of Android Q , a bug was discovered that automatically changes the permission system settings and allows applications to access geolocation services in the background. As a result, users reported that even those programs that were denied access to their location received such a privilege. Fortunately, due to the peculiarities of the implementation of the permission system in Android Q, users in time learned about unauthorized surveillance and were able to ban it.

Android spying

Obviously, the bug appeared in Android Q precisely as a result of Google’s work on improving the permission system. In the spring, the search giant announced that it plans to thoroughly approach the issue of security. its customers and wants to build in Android a mechanism that will record cases of application tracking for users and notify them about it. In this way, they would be able to make their own decisions about disabling the application or allowing it to continue to collect information.

This week it became known about a similar bug that was found in the release version of Android. It allowed applications to bypass the permission system, receiving information about the user’s actions – for example, his movements and correspondence with other users – through other applications that have access to this data. Google announced that it was aware of the problem, but promised to fix it only in Android Q.