Android 6.0 New Permission Universe Turned Upside Down

User asked runtime permissions, and they got runtime permissions, sort of.

Google “fixed” the sandboxing model in Android 6.0, and one of the “cool” features is that now all Android Apps get access to internet, including mine. Hurray! … Crap, here goes my trustless security and privacy. Thanks Google, you are such a great friend!

But I really do not want Internet Access to my Apps. Which means that now my firewall needs to be extended.


Sandbox? What Sandbox?

Google actually went to great lengths to “fix” the sandbox and the permission model in Android 6.0.

“For example, if an app had previously requested and been granted the READ_CONTACTS permission, and it then requests WRITE_CONTACTS, the system immediately grants that permission.”

Which means that now malware has a new attack surface. Ask the user for permission to Read files/contacts, and once you have that permission, shamelessly ask for permission to Write files/contacts, which will be granted automatically.


What can we learn from this?

Android 6.0, effectively turns the Permission Model upside down. From a universe in which you could trust a local-services only App (like mine) we transitioned into a universe in which the local processing of data must be distrusted by default, unless the phone comes with other services to protect the user:

  • Internet access is granted to all Apps, regardless if they need it or not.
    • Effectively, Internet permission is worthless.
  • Local trust means nothing anymore in your App. The Apps can kindly request Read Access, and the Android 6.0 colludes with anyone that wants to abuse user’s trust, by automatically offering Write Access too, without user’s permission.
    • Effectively, Read-Only permission does not exists in Android 6.0.


What can I do?

My business model is not compatible with this new universe, so now I have to integrate NetGuard into my Firewall – which is, BTW, the number 1 reason for which my Firewall was rated with 1 star by users. And if I am at this task, I will integrate BitTorrent and Better by too.