GitLab

A malicious app running in the background could continuously send crafted intents to annoy the user until she decides to uninstall Briar.

This issue can be confirmed by running the following ADB Commands:

adb shell am start -a "android.intent.action.MANAGE_NETWORK_USAGE" -n "org.briarproject.briar/org.briarproject.briar.android.settings.SettingsActivity"
adb shell am start -a "info.guardianproject.panic.action.CONNECT" -n "org.briarproject.briar/org.briarproject.briar.android.panic.PanicPreferencesActivity"
adb shell am start -a "android.intent.action.MAIN" -n
"org.briarproject.briar/org.briarproject.briar.android.splash.SplashScreenActivity"

This sequence displays the Briar settings, then the panic settings, then the splash screen, logging the user out.

These intents are all useful, but we should consider how to handle them in such a way that the potential disruption is minimised. The MANAGE_NETWORK_USAGE intent could be removed if necessary.