I thought you were confused because you said "hardware interrupts (whatever that means)", and put it in scare quotes?
>so locked down that all phones of the same model/OS version are going to have the same behavior.
That's not how hardware interrupts work, though. The behavior is 100% user dependent. Me and you type at different speeds, times, etc. The hardware interrupts that result from me and you typing are, therefore, going to be completely distinct. The interrupt itself will be the same, but the timing of those interrupts is unique.
Whether or not /proc/interrupts remains globally readable is something I'm not confident on, but at the time of the paper (which was after sandboxing was first implemented in Android), it was globally readable and a valid side-channel for information leakage, including as a fingerprinting vector.
Hopefully that clears up what a hardware interrupt means, and why they are (or at least used to be) a valid fingerprinting technique.