From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Hugh Chen Date: Thu, 3 Jun 2021 16:38:24 +0800 Subject: [PATCH] RESTRICT AUTOMERGE Fix phishing attacks over Bluetooth due to unclear warning message This CL add more prompts presented for users to avoid phishing attacks. Screenshot: https://screenshot.googleplex.com/p5PZbphN46ddPFV.png https://screenshot.googleplex.com/6Q2wKfPbNQmTtx8.png https://screenshot.googleplex.com/987VpYgNUZL2K4T.png https://screenshot.googleplex.com/9eVg6SAGScVXU8U.png Bug: 167403112 Test: manually test Change-Id: Iadec059b662fd91754ad573bbe688702cdd3c9af (cherry picked from commit 10e459921953825d34e70cc4da846aac703d913c) (cherry picked from commit 8fe8e0fc211d4f36cce2865a17c834573ec25211) --- res/values/strings.xml | 21 +++++++++++++++++ .../BluetoothPermissionActivity.java | 23 ++++++++++++------- .../bluetooth/BluetoothPermissionRequest.java | 12 ++++++---- 3 files changed, 44 insertions(+), 12 deletions(-) diff --git a/res/values/strings.xml b/res/values/strings.xml index 322baf15662..f98146b139b 100644 --- a/res/values/strings.xml +++ b/res/values/strings.xml @@ -7975,4 +7975,25 @@ Don\u2019t allow + + + SIM card access request + + A device wants to access your SIM card. Tap for details. + + Allow access to SIM card? + + A Bluetooth device, %1$s, wants to access data on your SIM card. This includes your contacts.\n\nWhile connected, %2$s will receive all calls made to %3$s. + + Bluetooth device available + + A device wants to connect. Tap for details. + + Connect to Bluetooth device? + + %1$s wants to connect to this phone.\n\nYou haven\u2019t connected to %2$s before. + + Don\u2019t connect + + Connect diff --git a/src/com/android/settings/bluetooth/BluetoothPermissionActivity.java b/src/com/android/settings/bluetooth/BluetoothPermissionActivity.java index 92988dd97ee..9444d49263f 100644 --- a/src/com/android/settings/bluetooth/BluetoothPermissionActivity.java +++ b/src/com/android/settings/bluetooth/BluetoothPermissionActivity.java @@ -25,6 +25,7 @@ import android.content.DialogInterface; import android.content.Intent; import android.content.IntentFilter; import android.os.Bundle; +import android.telephony.TelephonyManager; import android.support.v7.preference.Preference; import android.util.EventLog; import android.util.Log; @@ -97,13 +98,13 @@ public class BluetoothPermissionActivity extends AlertActivity implements if(DEBUG) Log.i(TAG, "onCreate() Request type: " + mRequestType); if (mRequestType == BluetoothDevice.REQUEST_TYPE_PROFILE_CONNECTION) { - showDialog(getString(R.string.bluetooth_connection_permission_request), mRequestType); + showDialog(getString(R.string.bluetooth_connect_access_dialog_title), mRequestType); } else if (mRequestType == BluetoothDevice.REQUEST_TYPE_PHONEBOOK_ACCESS) { showDialog(getString(R.string.bluetooth_phonebook_access_dialog_title), mRequestType); } else if (mRequestType == BluetoothDevice.REQUEST_TYPE_MESSAGE_ACCESS) { showDialog(getString(R.string.bluetooth_message_access_dialog_title), mRequestType); } else if (mRequestType == BluetoothDevice.REQUEST_TYPE_SIM_ACCESS) { - showDialog(getString(R.string.bluetooth_sap_request), mRequestType); + showDialog(getString(R.string.bluetooth_sim_card_access_dialog_title), mRequestType); } else { Log.e(TAG, "Error: bad request type: " + mRequestType); @@ -136,9 +137,14 @@ public class BluetoothPermissionActivity extends AlertActivity implements p.mView = createSapDialogView(); break; } - p.mPositiveButtonText = getString(R.string.allow); + p.mPositiveButtonText = getString( + requestType == BluetoothDevice.REQUEST_TYPE_PROFILE_CONNECTION + ? R.string.bluetooth_connect_access_dialog_positive : R.string.allow); p.mPositiveButtonListener = this; - p.mNegativeButtonText = getString(R.string.request_manage_bluetooth_permission_dont_allow); + p.mNegativeButtonText = getString( + requestType == BluetoothDevice.REQUEST_TYPE_PROFILE_CONNECTION + ? R.string.bluetooth_connect_access_dialog_negative + : R.string.request_manage_bluetooth_permission_dont_allow); p.mNegativeButtonListener = this; mOkButton = mAlert.getButton(DialogInterface.BUTTON_POSITIVE); setupAlert(); @@ -170,8 +176,8 @@ public class BluetoothPermissionActivity extends AlertActivity implements String mRemoteName = createRemoteName(); mView = getLayoutInflater().inflate(R.layout.bluetooth_access, null); messageView = (TextView)mView.findViewById(R.id.message); - messageView.setText(getString(R.string.bluetooth_connection_dialog_text, - mRemoteName)); + messageView.setText(getString(R.string.bluetooth_connect_access_dialog_content, + mRemoteName, mRemoteName)); return mView; } @@ -195,10 +201,11 @@ public class BluetoothPermissionActivity extends AlertActivity implements private View createSapDialogView() { String mRemoteName = createRemoteName(); + TelephonyManager tm = getSystemService(TelephonyManager.class); mView = getLayoutInflater().inflate(R.layout.bluetooth_access, null); messageView = (TextView)mView.findViewById(R.id.message); - messageView.setText(getString(R.string.bluetooth_sap_acceptance_dialog_text, - mRemoteName, mRemoteName)); + messageView.setText(getString(R.string.bluetooth_sim_card_access_dialog_content, + mRemoteName, mRemoteName, tm.getLine1Number())); return mView; } diff --git a/src/com/android/settings/bluetooth/BluetoothPermissionRequest.java b/src/com/android/settings/bluetooth/BluetoothPermissionRequest.java index 3de10a5d10e..d23dea93e52 100644 --- a/src/com/android/settings/bluetooth/BluetoothPermissionRequest.java +++ b/src/com/android/settings/bluetooth/BluetoothPermissionRequest.java @@ -144,13 +144,17 @@ public final class BluetoothPermissionRequest extends BroadcastReceiver { R.string.bluetooth_message_access_notification_content); break; case BluetoothDevice.REQUEST_TYPE_SIM_ACCESS: - title = context.getString(R.string.bluetooth_sap_request); - message = context.getString(R.string.bluetooth_sap_acceptance_dialog_text, + title = context.getString( + R.string.bluetooth_sim_card_access_notification_title); + message = context.getString( + R.string.bluetooth_sim_card_access_notification_content, deviceAlias, deviceAlias); break; default: - title = context.getString(R.string.bluetooth_connection_permission_request); - message = context.getString(R.string.bluetooth_connection_dialog_text, + title = context.getString( + R.string.bluetooth_connect_access_notification_title); + message = context.getString( + R.string.bluetooth_connect_access_notification_content, deviceAlias, deviceAlias); break; }