Difference between revisions of "Web View"

From MgmtWiki
Jump to: navigation, search
(Other References)
(References)
 
(6 intermediate revisions by the same user not shown)
Line 10: Line 10:
 
* The article [https://www.wired.com/story/iphone-touch-id-scam-apps/ Watch Out for a Clever Touch ID Scam Hitting the App Store] shows how unscrupulous apps can fool the user in to granting access to their bank accounts.
 
* The article [https://www.wired.com/story/iphone-touch-id-scam-apps/ Watch Out for a Clever Touch ID Scam Hitting the App Store] shows how unscrupulous apps can fool the user in to granting access to their bank accounts.
 
* A [[Web View]] is a display of information from a [[Web Site]]. There is no trustworthy indication that the [[Native App]] has correctly displayed the information that it obtained from the [[Web Site]].
 
* A [[Web View]] is a display of information from a [[Web Site]]. There is no trustworthy indication that the [[Native App]] has correctly displayed the information that it obtained from the [[Web Site]].
 +
* Any script running inside of a [[Web View]] is operating with the full permissions of the user. There is no sandbox as there is with a trustworthy web browser.
 +
* There is no means for the user's device to indicate the trustworthiness of any running app.
  
 
==Solutions==
 
==Solutions==
* The [[Native App]] exposes its name and the web site that backs it in a manner that allows the user to make a meaningful trust decision.
+
* The [[Native App]] exposes its name and the [[Web Platform Identifier]] of the web site that backs it so that the user can make a meaningful trust decision.
** Android play store requires<ref name='android'>''Handling Android App Links.'' https://developer.android.com/training/app-links/</ref> any app that uses a brand name service to be securely bound to a [[URL]] that properly exposes that brand.
+
** Android play store requires<ref name='android'>''Handling Android App Links.'' https://developer.android.com/training/app-links/</ref> any app that uses a [[Brand]] name service to be securely bound to a [[URL]] that properly exposes that brand.
 
** Apple has not released any plans to improve app naming security as of 2018-09-21.
 
** Apple has not released any plans to improve app naming security as of 2018-09-21.
 
* Joint use [[Native App]]s are provide to some industries for all to use. It makes the trust decision by the user much more difficult.
 
* Joint use [[Native App]]s are provide to some industries for all to use. It makes the trust decision by the user much more difficult.
Line 22: Line 24:
 
* Rules for apps installed on Windows devices are of two types, but it is not clear how the user could possibly distinguish, so the concept has not been helpful.
 
* Rules for apps installed on Windows devices are of two types, but it is not clear how the user could possibly distinguish, so the concept has not been helpful.
 
*[https://github.com/TransparentHealth/poet Pre Oauth Entity Trust] describes a means to represent third-party application endorsement for health care applications. POET’s goal is to help consumers distinguish between applications that have an endorsement versus applications that have no pedigree (i.e untrusted and could be malicious).
 
*[https://github.com/TransparentHealth/poet Pre Oauth Entity Trust] describes a means to represent third-party application endorsement for health care applications. POET’s goal is to help consumers distinguish between applications that have an endorsement versus applications that have no pedigree (i.e untrusted and could be malicious).
 +
* [https://developer.android.com/reference/android/webkit/WebView Android WebView] "WebView objects allow you to display web content as part of your activity layout, but lack some of the features of fully-developed browsers. A WebView is useful when you need increased control over the UI and advanced configuration options that will allow you to embed web pages in a specially-designed environment for your app"
 
* Android App list of [[Data Category|Data Categories]] that require [[User Consent]]. https://support.google.com/googleplay/answer/6270602?hl=en
 
* Android App list of [[Data Category|Data Categories]] that require [[User Consent]]. https://support.google.com/googleplay/answer/6270602?hl=en
 
* Apple iPhone App Requesting Permission: https://developer.apple.com/design/human-interface-guidelines/ios/app-architecture/requesting-permission/
 
* Apple iPhone App Requesting Permission: https://developer.apple.com/design/human-interface-guidelines/ios/app-architecture/requesting-permission/
Line 27: Line 30:
 
* Apple CKContainer manages all attempts to access user data on the device or in iCloud. https://developer.apple.com/documentation/cloudkit/ckcontainer
 
* Apple CKContainer manages all attempts to access user data on the device or in iCloud. https://developer.apple.com/documentation/cloudkit/ckcontainer
 
* Windows (UWP) settings are on all Windows 10 computer, but do not seem to be shown anywhere on the web.  Just navigate start -> settings -> privacy -> app settings.
 
* Windows (UWP) settings are on all Windows 10 computer, but do not seem to be shown anywhere on the web.  Just navigate start -> settings -> privacy -> app settings.
 +
 
==References==
 
==References==
 
<references />
 
<references />
Line 35: Line 39:
  
  
 +
[[Category:Glossary]]
 
[[Category:Security]]
 
[[Category:Security]]
 
[[Category:Identifier]]
 
[[Category:Identifier]]
 +
[[Category: Web]]

Latest revision as of 09:01, 8 April 2022

Full Title and Meme

A display of information from a Web Site by an application that is installed on a user's computing device with full power to act as the user.

Context

  • The first of the Laws of Security tell us that when an attacker gets to run their code on your computer, it is no longer just your computer any longer.
  • The Native App that is displaying the Web View is operating on the user's device with all of the privileges that the user enabled when the app was loaded.

Problems

  • In Open Banking it is proposed that a payment initiator and a bank can both have Native Apps running where the payment initiator app asks the banking app on the same device for permission to remove money from the user's account.
  • The article Watch Out for a Clever Touch ID Scam Hitting the App Store shows how unscrupulous apps can fool the user in to granting access to their bank accounts.
  • A Web View is a display of information from a Web Site. There is no trustworthy indication that the Native App has correctly displayed the information that it obtained from the Web Site.
  • Any script running inside of a Web View is operating with the full permissions of the user. There is no sandbox as there is with a trustworthy web browser.
  • There is no means for the user's device to indicate the trustworthiness of any running app.

Solutions

  • The Native App exposes its name and the Web Platform Identifier of the web site that backs it so that the user can make a meaningful trust decision.
    • Android play store requires[1] any app that uses a Brand name service to be securely bound to a URL that properly exposes that brand.
    • Apple has not released any plans to improve app naming security as of 2018-09-21.
  • Joint use Native Apps are provide to some industries for all to use. It makes the trust decision by the user much more difficult.
  • Same Site was designed to help, but as of (2018-09-21) is not consistently applied.

Organizational Support

References

  1. 1.0 1.1 Handling Android App Links. https://developer.android.com/training/app-links/

Other References