Autofill Services and Security: Update

Previously, I wrote about security problems inherent in Android 8.0’s autofill system. Google basically dumped security problems onto the developers of autofill services, and then did not document what autofill service developers needed to do.

In an update yesterday to the still-locked security issue, Google pointed out that they have now improved the JavaDocs to discuss these issues more and have updated their sample app to demonstrate these approaches.

I have updated my white paper to match. I have not tested their revised sample app.

My mission was to try to get autofill fixed in Android 8.0 itself. I failed in this regard, as autofill security is now the responsibility of autofill services. But, at this point, I leave it up to the regular cadre of Android security researchers to try to identify flawed autofill services or to poke other holes in Android 8.0’s autofill system.

Writing an autofill service is a very niche topic, and so it does not seem to make sense for me to invest a lot of time in trying to improve upon Google’s sketchy instructions on the subject. If you would like me to try to write more about this, please let me know, as I may try to do more here if there is sufficient interest.