






















Android's open-source nature facilitates widespread smartphone accessibility, particularly in price-sensitive markets. System and vendor applications that come pre-installed on budget Android devices frequently operate with elevated privileges, yet they receive limited independent examination. To address this gap, we developed a framework that extracts APKs from physical devices and applies static analysis to identify privacy and security issues in embedded software. Our study examined 1,544 APKs collected from seven African smartphones. The analysis revealed that 145 applications (9%) disclose sensitive data, 249 (16%) expose critical components without sufficient safeguards, and many present additional risks: 226 execute privileged or dangerous commands, 79 interact with SMS messages (read, send, or delete), and 33 perform silent installation operations. We also uncovered a vendor-supplied package that appears to transmit device identifiers and location details to an external third party. These results demonstrate that pre-installed applications on widely distributed low-cost devices represent a significant and underexplored threat to user security and privacy.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。