Security/Reviews/Gaia/homescreen

App Review Details

App: Homescreen
Review Date: 22/2/2012
Review Lead: Paul Theriault

Overview

The homescreen app is the main UI for the phone. It is shown as soon as the phone is unlocked and is primarily used to launch other apps. It also houses the everything.me component, which is a tool for finding and launching mobile websites and web apps.

Architecture

Components

Relevant Source Code

Permissions

Web Activity Handlers

Web Activity Usage

Notable Event Handlers

Code Review Notes

1. XSS & HTML Injection attacks

2. Secure Communications

3. Secure data storage

4. Denial of Service

5. Use of Privileged APIs

6. Interfaces with other Apps/Content

Security Risks & Mitigating Controls

Actions & Recommendations

Security/Reviews/Gaia/homescreen

Contents

App Review Details

Overview

Architecture

Components

Relevant Source Code

Permissions

Web Activity Handlers

Web Activity Usage

Notable Event Handlers

Code Review Notes

1. XSS & HTML Injection attacks

2. Secure Communications

3. Secure data storage

4. Denial of Service

5. Use of Privileged APIs

6. Interfaces with other Apps/Content

Security Risks & Mitigating Controls

Actions & Recommendations

Navigation menu

Security/Reviews/Gaia/homescreen

App Review Details

Overview

Architecture

Components

Relevant Source Code

Permissions

Web Activity Handlers

Web Activity Usage

Notable Event Handlers

Code Review Notes

1. XSS & HTML Injection attacks

2. Secure Communications

3. Secure data storage

4. Denial of Service

5. Use of Privileged APIs

6. Interfaces with other Apps/Content

Security Risks & Mitigating Controls

Actions & Recommendations

Navigation menu

Search