On a throwaway Samsung Galaxy with American ROM, I installed some Chinese apps. When I uninstall them, the browser opens with a specific “uninstall survey”. How that is possible? Are they exploiting some os weakness or it’s permitted by the apk uninstall API?

The bad actors are:

  • sogou keyboard
  • Tencent video
  • weibo
  • Illecors@lemmy.cafe
    link
    fedilink
    English
    arrow-up
    11
    arrow-down
    1
    ·
    1 year ago

    Warning - precision guesswork ahead.

    In computer programming there’s a concept of a hook - do something before or after an event. It very well might be that “uninstall” event has hooks and one of them is “open this website after it’s done”.

  • rozPierog@lemdro.id
    link
    fedilink
    English
    arrow-up
    6
    ·
    1 year ago

    If you are running Android <11 then apps could see the list of apps installed on the device https://developer.android.com/training/package-visibility

    Pure speculation (and how I would do it) is to have apps A, B, C check periodically the list of installed packages and if one of them disappeared from the list I would trigger this survey. Of course that requires that all apps are from the same developer, and it won’t trigger this survey on the last app uninstall

  • breakingcups@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    1
    ·
    1 year ago

    I wonder if they have some sort of sister service that does the monitoring of the install status.

    • Moonrise2473@feddit.itOP
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      1
      ·
      edit-2
      1 year ago

      i have the feeling they had a permanent service running in memory like a virus just for this purpose, triggering the webpage launch when killed (maybe could listen the reason for kill?), because the device was ultraslow (old and just 1gb ram did not justifiy a 10 sec delay in screen rotation) until i uninstalled them.

      edit: but it could be it was triggered by a sister service. For example, when i uninstalled wechat (still from tencent) it did not give me the uninstall survey like i got a few minutes earlier with tencent video.

      Same for sogou keyboard, when i uninstalled sogou search i did not get the survey. So it could have been that sogou search detected that sogou keyboard was uninstalled and triggered the survey

  • limerod@reddthat.com
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    What android version is that Samsung galaxy running? Does it happen in newer android versions like 12 and 13? The explanation and the stack link explain it for old devices. I’m not sure how it’s being done for newer smartphones, if at all.

      • limerod@reddthat.com
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        That explains it. Older android did not have the safeguards modern-day android does. Anyway, don’t sideload shady apps or use old smartphones that are not updated today. These webpage opening things used to happen in the old days, which was annoying.