{"record_type":"pith_number_record","schema_url":"https://pith.science/schemas/pith-number/v1.json","pith_number":"pith:2014:JGKU3BKNPAG7PM77BWHOEFDKRP","short_pith_number":"pith:JGKU3BKN","schema_version":"1.0","canonical_sha256":"49954d854d780df7b3ff0d8ee2146a8bd9ac6b92a18ee27cc0b343db6d069c9f","source":{"kind":"arxiv","id":"1404.4553","version":3},"attestation_state":"computed","paper":{"title":"Analyzing Android Browser Apps for file:// Vulnerabilities","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Daoyuan Wu, Rocky K. C. Chang","submitted_at":"2014-04-17T15:11:35Z","abstract_excerpt":"Securing browsers in mobile devices is very challenging, because these browser apps usually provide browsing services to other apps in the same device. A malicious app installed in a device can potentially obtain sensitive information through a browser app. In this paper, we identify four types of attacks in Android, collectively known as FileCross, that exploits the vulnerable file:// to obtain users' private files, such as cookies, bookmarks, and browsing histories. We design an automated system to dynamically test 115 browser apps collected from Google Play and find that 64 of them are vuln"},"verification_status":{"content_addressed":true,"pith_receipt":true,"author_attested":false,"weak_author_claims":0,"strong_author_claims":0,"externally_anchored":false,"storage_verified":false,"citation_signatures":0,"replication_records":0,"graph_snapshot":true,"references_resolved":false,"formal_links_present":false},"canonical_record":{"source":{"id":"1404.4553","kind":"arxiv","version":3},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2014-04-17T15:11:35Z","cross_cats_sorted":[],"title_canon_sha256":"db55c9fe1365f103ee57e31136577c3a1fd763d24db68988fe26c4a43a4784f1","abstract_canon_sha256":"ce4ff2a2d031f2cf849b77a46f23c5f62857c18037a066b22c8962cb99f0e573"},"schema_version":"1.0"},"receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T02:43:53.918226Z","signature_b64":"5AIa7gexs9aCbvXjnW698kVCaUC/jtDCgQZQ2OBzwMms8JBBZAqXMBchW0PjC8cDxiAiLow4bGaoyFwilgVdAg==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"49954d854d780df7b3ff0d8ee2146a8bd9ac6b92a18ee27cc0b343db6d069c9f","last_reissued_at":"2026-05-18T02:43:53.917806Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T02:43:53.917806Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"graph_snapshot":{"paper":{"title":"Analyzing Android Browser Apps for file:// Vulnerabilities","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Daoyuan Wu, Rocky K. C. Chang","submitted_at":"2014-04-17T15:11:35Z","abstract_excerpt":"Securing browsers in mobile devices is very challenging, because these browser apps usually provide browsing services to other apps in the same device. A malicious app installed in a device can potentially obtain sensitive information through a browser app. In this paper, we identify four types of attacks in Android, collectively known as FileCross, that exploits the vulnerable file:// to obtain users' private files, such as cookies, bookmarks, and browsing histories. We design an automated system to dynamically test 115 browser apps collected from Google Play and find that 64 of them are vuln"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1404.4553","kind":"arxiv","version":3},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"aliases":[{"alias_kind":"arxiv","alias_value":"1404.4553","created_at":"2026-05-18T02:43:53.917862+00:00"},{"alias_kind":"arxiv_version","alias_value":"1404.4553v3","created_at":"2026-05-18T02:43:53.917862+00:00"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1404.4553","created_at":"2026-05-18T02:43:53.917862+00:00"},{"alias_kind":"pith_short_12","alias_value":"JGKU3BKNPAG7","created_at":"2026-05-18T12:28:33.132498+00:00"},{"alias_kind":"pith_short_16","alias_value":"JGKU3BKNPAG7PM77","created_at":"2026-05-18T12:28:33.132498+00:00"},{"alias_kind":"pith_short_8","alias_value":"JGKU3BKN","created_at":"2026-05-18T12:28:33.132498+00:00"}],"events":[],"event_summary":{},"paper_claims":[],"inbound_citations":{"count":0,"internal_anchor_count":0,"sample":[]},"formal_canon":{"evidence_count":0,"sample":[],"anchors":[]},"links":{"html":"https://pith.science/pith/JGKU3BKNPAG7PM77BWHOEFDKRP","json":"https://pith.science/pith/JGKU3BKNPAG7PM77BWHOEFDKRP.json","graph_json":"https://pith.science/api/pith-number/JGKU3BKNPAG7PM77BWHOEFDKRP/graph.json","events_json":"https://pith.science/api/pith-number/JGKU3BKNPAG7PM77BWHOEFDKRP/events.json","paper":"https://pith.science/paper/JGKU3BKN"},"agent_actions":{"view_html":"https://pith.science/pith/JGKU3BKNPAG7PM77BWHOEFDKRP","download_json":"https://pith.science/pith/JGKU3BKNPAG7PM77BWHOEFDKRP.json","view_paper":"https://pith.science/paper/JGKU3BKN","resolve_alias":"https://pith.science/api/pith-number/resolve?arxiv=1404.4553&json=true","fetch_graph":"https://pith.science/api/pith-number/JGKU3BKNPAG7PM77BWHOEFDKRP/graph.json","fetch_events":"https://pith.science/api/pith-number/JGKU3BKNPAG7PM77BWHOEFDKRP/events.json","actions":{"anchor_timestamp":"https://pith.science/pith/JGKU3BKNPAG7PM77BWHOEFDKRP/action/timestamp_anchor","attest_storage":"https://pith.science/pith/JGKU3BKNPAG7PM77BWHOEFDKRP/action/storage_attestation","attest_author":"https://pith.science/pith/JGKU3BKNPAG7PM77BWHOEFDKRP/action/author_attestation","sign_citation":"https://pith.science/pith/JGKU3BKNPAG7PM77BWHOEFDKRP/action/citation_signature","submit_replication":"https://pith.science/pith/JGKU3BKNPAG7PM77BWHOEFDKRP/action/replication_record"}},"created_at":"2026-05-18T02:43:53.917862+00:00","updated_at":"2026-05-18T02:43:53.917862+00:00"}