Closed zerotrust-community closed 1 year ago
This is not the LineageOS bug tracker, nor can I reproduce this issue.
You should update both your Firefox/Mull and your LineageOS.
You should also remove any root apps, other system apps you added/changed, and you should also not grant any apps special permissions via ADB. Like try a fresh start.
i don't have root on my phone and i don't grant access to apps over ADB, i know that here is no lineage bug tracker, i will install DivestOS and check if bug persist. if yes, i will write here with proofs, thanks.
Hi, this bug (or backdoor) i found on LineageOS, i cannot contact him, because they don't have a normal contact. On wikipedia i saw that your fork is based in LineageOS? if you use LineageOS as base, then this bug can persist in your builds to!. if it's possible please investigate this BUG (or backdoor)?. and reply with technical details about why this happens, thanks. I will install DivestOS on my phone litle later and i will try to reproduce this bug on your firmware to.
in video i show how i open youtube tam and make search using voice, but i don't allow microphone access to firefox, but my woice is recorded successfully and youtube show relevant results about my voice prompt.**
Video demonstration: recoded time (12.47)
Remark: i cannot record sound in other apps, like telegram, element, simple voice recorder, chromite, only in Firefox!. Integrated recorder not record entire screen, i don't know why. my phone model: Xiaomi POCO F3 https://wiki.lineageos.org/devices/alioth/variant1
https://github.com/Divested-Mobile/DivestOS-Build/assets/148634618/61580442-3c3b-452b-b473-081f0c7b9989
On screen below, i show that information about accessed microphone time is not stored in system! this happend only when microphone is disabled from system menu! And when microphone is disabled from system menu green dot not showing, all work very stealth, to catch information about microphone usage i used Vigilante this app can catch access microphone time when i use some app that use microphone.
P.S theoretically i can use same firefox API to access microphone and make hidden sound recorder that will work always, even if microphone is disabled from system.