OLD: Application vetting services could look for android.permission.READ_CALL_LOG in an Android application’s manifest. Most applications do not need call log access, so extra scrutiny could be applied to those that request it.
On Android, the user can manage which applications have permission to access the call log through the device settings screen, revoking the permission if necessary.
NEW: A defender observes an Android application requesting for android.permission.READ_CALL_LOG, which may also be listed in the application's manifest file.
| Data Component | Name | Channel |
|---|---|---|
| OS API Execution (DC0021) | android:logcat | Invocation of CallLogs.getLastOutgoingCall() |
| Application Permission (DC0114) | android:MDMLog | Application granted or retaining the READ_CALL_LOG permission. |
Application vetting services could look for android.permission.READ_CALL_LOG in an Android application’s manifest. Most applications do not need call log access, so extra scrutiny could be applied to those that request it.
On Android, the user can manage which applications have permission to access the call log through the device settings screen, revoking the permission if necessary.
| Data Component | Name | Channel |
|---|---|---|
| Application Permission (DC0114) | Application Vetting | None |
| System Settings (DC0118) | User Interface | None |