In addition to traditional permissions, Android has three metapermissions that open access to very dangerous APIs enabling the attacker to seize control over the device. In this article, I will explain how to use them so that you can programmatically press smartphone buttons, intercept notifications, extract text from input fields of other apps, and reset device settings.

For a long time, Android was known as a slow and insecure OS for losers unable to afford an iPhone. Is this still true, and was Android really so bad? Leaving aside the interface smoothness and OS capacity, I am going to briefly discuss the evolution of the worst element in Android: its security system.