As an Andriod user, you should rest easy knowing that the disappearance of the dark mode on the Gmail for Android app was caused by a bug, which engineers over at Google are working to fix it. While your iPhone friends might be feeling happy that now you are on equal grounds, as far as Gmail dark mode is concerned. A Bug caused Gmail Dark Mode disappearance Things get worse if you are using the phone in a dark room, like in the morning before you pull the blinds and the lights inside are still off.
The light that comes with the light theme can be blinding, especially if you have adopted the dark theme across the entire Android ecosystem. When you woke up the next morning and reached out for your phone (as most people do, first thing in the morning), you are blinded by the white light coming off the Gmail app. You go to sleep, leaving the Gmail app on your phone in dark mode. However, the dark mode seems to have ‘upped and left’ without any warning. Google, too was not left behind, and for some time now, Android users have been enjoying Gmail dark mode, much to the envy of iPhone users. A video of one of the attacks in action is below.Dark Mode is the new black, a trend that is fast catching among users, forcing developers to adopt the theme. The paper, " Peeking into Your App without Actually Seeing It: UI State Inference and Novel Android Attacks," (.PDF) will be presented 22 Aug at the USENIX Security Symposium in San Diego.
Qian suggests that users "don't install untrusted apps," and for developers, the researcher says that a more careful tradeoff between security and functionality needs to be set in stone. We do that and that’s what makes our attack unique." But the thing is you have to do it at the right time so the user doesn’t notice. "By design, Android allows apps to be preempted or hijacked. Zhiyun Qian, an associate professor at UC Riverside commented:
The reason Amazon is more difficult to crack is that the app allows one activity to transition to another activity seamlessly, making timed attacks less likely to succeed and activities more difficult to predict. The only app that was difficult to penetrate was Amazon, with a 48 percent success rate. Attacks placed on Chase, Newegg, WebMD and apps were successful 83 percent, 86 percent, 85 percent and 83 percent of the time respectively. Secondly, the hack needs to be done so it is undetectable by the user - which can be achieved through good timing.Īttacks on Gmail were successful 92 percent of the time, as were attacks on H&R Block. There are two stages to this attack: firstly, the attack needs to take place in real time, such as the moment when the user is logging into Gmail. Once installed, the researchers were able to exploit a newly discovered public side channel, the shared memory of a process, which can be accessed without permissions or app privileges.Ĭhanges within the shared memory are then monitored, and these changes are correlated with what the team calls an "activity transition event." In other words, when a user is actively using an app, for example, to log into Gmail or take a picture of a cheque so it can be deposited online via Chase Bank, activity changes are noted.
The attack works through a user downloading a seemingly harmless application, such as background wallpaper. However, no tests have yet been conducted on other systems.
The weakness was tested through an Android smartphone, but the researchers claim the method could be used across all of the platforms - as each OS shares a similar feature: the ability for applications to access a mobile device's shared memory. Security experts from the University of California Riverside Bourns College of Engineering and the University of Michigan identified a weakness believed to exist in all of the above operating systems, which could allow a cyberattacker to steal sensitive data through malicious applications. US researchers have discovered a flaw which may exist across Android, Windows, and iOS operating systems, and could allow popular services such as Gmail to become compromised.