Tag Archive for: sideloading

Even Google Thinks Sideloading Apps on Android Is Horrible



So much is revealed when court documents are officially unsealed, and in the case of Epic Games’ antitrust complaint against Google, we now know that Google considered buying the Fortnite maker outright to “squelch this threat.” Google also apparently attempted to convince Epic Games not to limit Fortnite to sideloading on Android devices, as doing so would lead to a poor user experience.

In the court filings, which you can download and peruse yourself, Epic cites an internal document where Google called Epic’s plans a “contagion” on its business. The company also alleges that “Google uses its size, influence, power, and money to push third parties into anticompetitive agreements that further entrench its monopolies.”

There is no public documentation indicating Google approached Epic with an offer to buy the gaming company, nor any clear timeline. Epic CEO Tim McSweeney tweeted in response to The Verge’s article on the matter that Google’s plan was “unbeknownst to us at the time.”

Epic also alleges that Google offered it a special deal to launch Fortnite in the Play Store. Though details remain sealed and redacted, the document then describes how senior Google Play managers approached Epic about its plans to limit Android users to sideloading the game.

One manager contacted Epic’s Vice President and Co-Founder to gauge Epic’s interest in a special deal and, among other things, discussed “the experience of getting Fortnite on Android” via direct downloading. The manager’s call notes state that she viewed direct downloading Fortnite as “frankly abysmal” and “an awful experience”, and that Epic should “worry that most will not go through the 15+ steps”.

Elsewhere in the document, there are claims that Google had acknowledged sideloading applications “leads to a [po]or user experience,” since it takes Android users more steps than installing an app directly from an authenticated app store. A Google employee even ran through the “install friction” that makes direct downloading a “bad experience” for users.

Google’s bits to Epic reads like persuasion as to why it…


Hunting for Windows “Features” with Frida: DLL Sideloading


Offensive security professionals have been using Frida for analyzing iOS and Android mobile applications. However, there has been minimal usage of Frida for desktop operating systems such as Windows. Frida is described by the author as a “Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.” From a security research and adversarial simulation perspective, Frida can be used to identify MITRE ATT&CK technique T1574.002, also known as dynamic-link library (DLL) sideloading. Frida is not limited to identifying DLL sideloading. It can also identify MITRE ATT&CK technique T1546.015, also known as Component Object Model (COM) hijacking. This blog post will review DLL sideloading and how attackers and offensive security professionals can identify potential DLL sideloading opportunities using X-Force Red’s proof-of-concept Frida tool, Windows Feature Hunter (WFH).

What Is DLL Sideloading?

MITRE ATT&CK describes DLL sideloading in T1574.002 as follows:

Adversaries may execute their own malicious payloads by side-loading DLLs. Similar to DLL Search Order Hijacking, side-loading involves hijacking which DLL a program loads. But rather than just planting the DLL within the search order of a program then waiting for the victim application to be invoked, adversaries may directly side-load their payloads by planting then invoking a legitimate application that executes their payload(s).

MITRE ATT&CK goes on to say that “side-loading takes advantage of the DLL search order used by the loader by positioning both the victim application and malicious payload(s) alongside each other.”

Microsoft also wrote a blog post where they define what is considered a vulnerability, saying that CWD scenarios would be addressed with a security fix, while PATH directory scenarios would not, “since there can’t be a non-admin directory in the PATH, [it] can’t be exploited.”
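
From the defender's side, the layout MITRE describes (a legitimate application and the DLL it loads sitting alongside each other) can be hunted for in module-load telemetry. The following is an added example, not code from the original post or from WFH; the event field names, the protected-directory list, the use of a signature flag as a stand-in for "legitimate application", and the sample events are all assumptions made for illustration.

```python
import ntpath

# Assumption: roots that only administrators can write to on a default install.
PROTECTED_ROOTS = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")
# Constructed sample of DLL names that also exist in System32.
SYSTEM_DLL_NAMES = {"version.dll", "dbghelp.dll"}

def is_protected(path):
    """True when the path sits under an admin-only root."""
    return ntpath.normpath(path).lower().startswith(PROTECTED_ROOTS)

def find_sideload_candidates(events, system_dll_names):
    """Return (reason, event) pairs for loads that match the side-loading
    layout: a signed host and the DLL it loads sitting alongside each other
    in a directory an unprivileged user can write to."""
    system_names = {n.lower() for n in system_dll_names}
    hits = []
    for ev in events:
        exe_dir = ntpath.dirname(ntpath.normpath(ev["image"])).lower()
        dll = ntpath.normpath(ev["image_loaded"])
        dll_dir = ntpath.dirname(dll).lower()
        dll_name = ntpath.basename(dll).lower()
        if dll_dir != exe_dir or is_protected(dll):
            continue  # not co-located, or located in an admin-only directory
        if not ev["exe_signed"]:
            continue  # signed host is used here as a proxy for "legitimate"
        if dll_name in system_names:
            hits.append(("shadows system DLL name", ev))
        elif not ev["dll_signed"]:
            hits.append(("unsigned DLL beside signed host", ev))
    return hits

# Constructed events; the field names are hypothetical, not a real log schema.
SAMPLE_EVENTS = [
    {"image": r"C:\Users\alice\AppData\Local\Temp\upd\Updater.exe",
     "image_loaded": r"C:\Users\alice\AppData\Local\Temp\upd\version.dll",
     "exe_signed": True, "dll_signed": False},
    {"image": r"C:\Program Files\Vendor\App.exe",
     "image_loaded": r"C:\Program Files\Vendor\helper.dll",
     "exe_signed": True, "dll_signed": True},
    {"image": r"C:\Users\alice\Downloads\tool\Tool.exe",
     "image_loaded": r"C:\Windows\System32\version.dll",
     "exe_signed": True, "dll_signed": True},
    {"image": r"C:\Users\alice\Downloads\tool\Tool.exe",
     "image_loaded": r"C:\Users\alice\Downloads\tool\plugin.dll",
     "exe_signed": True, "dll_signed": False},
]
```

Calling `find_sideload_candidates(SAMPLE_EVENTS, SYSTEM_DLL_NAMES)` flags the first and last events and skips the load from Program Files and the genuine System32 load.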

Windows DLL Search Order

Microsoft details the DLL search order in this post, as shown in the excerpt below:

A system can contain multiple versions of the same dynamic-link library (DLL). Applications can control the location…
