
An Analysis of Pre-Installed Android Software - quicon
https://dialnet.unirioja.es/servlet/articulo?codigo=6713708
======
quicon
Page 69: Thanks to the openness of the Android ecosystem, mobile device
vendors can build and sell smart phones and other mobile devices using their
own custom versions of Android. Most of these custom versions deviate
significantly from Google’s official Android Open Source Project (AOSP): in
addition to various visual and functional changes to the base OS, vendors add
proprietary applications (apps hereafter) to their firmware, and sometimes
even add custom (often unknown) certificates to the system’s root certificate
store. In fact, recent anecdotal evidence has revealed that pre-installed apps
can put, intentionally or not, user’s privacy and security at risk. This is
especially concerning for lesser-known brands producing lower-end devices for
whom preserving user privacy might not be high on the priority list. In this
extended abstract, we present our methodology to explore the complex and
diverse ecosystem of Android pre-installed apps as well as our preliminary
results.

