I am curious how taintdroid track apps which use senseitive information.
Firstly, I check the diff between taintdroid and android.
According to TaintDroid Build Instructions, it modifies the source under dalvik/ and frameworks/base.
We can obtain the list of modified files by:
git diff --name-only 0e9d568ec6b946e77bc0ec1903acac1ef916e6d1for dalvik/, and
git diff --name-only 562ac30bddb37b8bebeedfb035111dda41187332.for framework/base.
The list for dalvik is too huge, is 456 files, so firstly we check one for framework/base.
README_TAINTDROID.txt api/current.xml cmds/servicemanager/Android.mk cmds/servicemanager/binder.c core/java/android/hardware/Camera.java core/java/android/hardware/SensorManager.java core/java/android/os/Parcel.java core/jni/Android.mk core/jni/android_util_Binder.cpp include/binder/Parcel.h libs/binder/Android.mk libs/binder/Parcel.cpp location/java/com/android/internal/location/GpsLocationProvider.java media/java/android/media/AudioRecord.java media/java/android/media/MediaRecorder.java media/jni/Android.mk media/jni/android_media_MediaRecorder.cpp services/java/com/android/server/LocationManagerService.java telephony/java/com/android/internal/telephony/gsm/GSMPhone.java telephony/java/com/android/internal/telephony/gsm/SIMRecords.java
Next, I'll check what changes were made in services and telephont.
No comments:
Post a Comment