You are viewing archived messages.
Go here to search the history.

Marek Rogalski 2025-10-15 17:23:00

Re adversarial interoperability - just figured out a fun approach. Most devices can share their screen over Miracast / AirPlay / something similar (last resort is HDMI cable). Most devices can also receive input from Bluetooth devices (alternatively, through USB cable). So as an alternative to accessibility APIs (or X11, or WinAPI input injection), one might set up another device that would spoof a Miracast display, a bluetooth mouse & a bluetooth keyboard. Such reflector could be implemented in a very cheap form factor (like a tiny ESP32) and allows another app on the original device to effectively bypass all access controls that the OS-es (especially mobile) impose.

It's not a security vulnerability per-se, since it requires the device owner to cooperate - just an interesting way to interop.

shapes at 25-10-15 19.15.08.png

Konrad Hinsen 2025-10-16 07:27:56

This sounds a bit like scrcpy for Android. It can either use the Android API for USB debugging, or what it calls OTG mode, which is similar to what you describe.

Marek Rogalski 2025-10-16 09:18:04

yep, it's like scrcpy for app interop

Konrad Hinsen 2025-10-16 09:30:37

That would make a nice add-on functionality for virtualization tools such as QEMU.