Presentation Material
Abstract
With the releases of Android Oreo and Pie, Android introduced some background execution limitations for apps. Google restricted the execution of background services to save energy and to prevent apps from running endlessly in the background. Moreover, access to the device’s sensors was changed and a new concept named foreground service was introduced. Preventing apps from using the device’s resources like the camera. These limitations, however, would not affect so-called foreground services because they show a permanently visible notification to the user and could therefore be stopped by the user at any time.
A researcher named Thomas Sutter found a race condition bug in the Foreground Notification services in early 2019 and disclosed the same in BlackHat EU 19, which was making the concept of Foreground Notifications in Android totally ineffective.
I will show you how I bypassed Google’s patch for the bug Thomas found and made the foreground services ineffective again. I was also rewarded $5k from Google.