I’ve a question about security of Samsung Secure Folder in Android 11 – stock software, phone is not rooted.
I always thought that the Secure Folder is a container that is totally isolated from the rest of the system, until I found out that installing an app within secure folder (in this case Kasperky Internet Security) gives the app the following permissions:
1. Kaspersky app can automatically start with the system. After restarting the phone without entering Secure Folder password, somehow Kaspersky manages to autostart itself even though the Secure Folder wasn’t unlocked after starting the system. I can see it as the app is displaying its banners. How is it able to start automatically with the secure folder being locked?
2. The Kaspersky app that should run only within secure folder is able to scan system-wide settings outside of secure folder. The app has a feature called weak settings scan and it’s somehow able to detect a lot of system-wide settings – like password visibility, developer options being enabled etc.It’s also able to read the main, non-secure folder Google account used for the phone. How does it do this?
The above permissions given to the apparently secure folder-installed app indicates that there’s a very limited isolation provided by Secure Folder.
Could you please clarify how the app is able to do the above things?
Is secure folder really secure? Would installing a malicious app in SF limit the infection to SF only?