Full Disclosure mailing list archives
Re: Google's Android: remote install backdoor in Google Play Services
From: Michael Lazin <microlaser () gmail com>
Date: Fri, 16 Oct 2020 13:46:48 -0400
I do see the point and even though it is not a deliberate back door the end result is if your google account is compromised and an attacker wants to be sneaky they could push software to your android device without your permission. Given the history of malware found in the play store I would recommend making a feature request to google to notify you if someone pushes software from the web from a previously unknown IP. If you don't want to do this I would be happy to and would of course credit you for your find. On Fri, Oct 16, 2020, 1:21 PM Pedro Cunha <pedroagracio () gmail com> wrote:
I don't see how this is an "on-purpose backdoor". As far as I know, this feature is used so you can install Android apps on your phone via the web interface on another device (like a desktop) logged into the same Google account, via the Play Store.
_______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Re: Google's Android: remote install backdoor in Google Play Services Enrico Weigelt, metux IT consult (Oct 16)
- Re: Google's Android: remote install backdoor in Google Play Services Adrian Sanabria (Oct 20)
- Re: Google's Android: remote install backdoor in Google Play Services Pedro Cunha (Oct 20)
- Re: Google's Android: remote install backdoor in Google Play Services Michael Lazin (Oct 20)