Injection for an athlete

After yet another workout where my sports watch completely lost GPS, I’d had enough. I decided to dig into its firmware and pinpoint the problem. I couldn’t find it published anywhere. No download section, no public archive, nothing. So, I changed tactics and went in through the Android app instead, hoping I could pull the firmware out from there. That’s where this story really begins.


Android Jetpack Navigation: Go Even Deeper

Previous research

Some time ago, my colleague discovered an interesting vulnerability in the Jetpack Navigation library: it allows any application on the device to open any screen of a target application, bypassing the restriction that non-exported components are inaccessible to other applications. The issue lies in the implicit deep link processing mechanism, which any application on the device can interact with. This investigation prompted Google to add the following warning to the library documentation:

The issue with this warning is that, as written in the documentation, it only concerns the APIs for creating explicit deep links, while the problem actually runs much deeper. But let’s take it step by step.
