Doubao Mobile Assistant: Clarifying Misconceptions on Permissions and Functionality
Summary:
- Misinterpretation of Technology: Doubao Mobile Assistant dispels claims regarding its use of permissions to access sensitive data.
- Secure Practices: It confirms strict adherence to security protocols, ensuring protected content remains inaccessible during operations.
- Dependence on Cloud Processing: The assistant relies on cloud technology for enhanced functionality without compromising user privacy.
On December 13, Doubao Technology addressed concerns raised by certain users regarding the Doubao Mobile Assistant’s technology. Users claimed that the application employs the READ_FRAME_BUFFER permission to capture image data directly from the graphics buffer utilized by the GPU, bypassing conventional screenshot APIs. Additionally, it was alleged that the assistant uses the CAPTURE_SECURE_VIDEO_OUTPUT permission to access secure content, such as banking interfaces.
Doubao Mobile Assistant officially clarified that these claims stem from a misunderstanding of its technological functionality. The assistant utilizes a native screenshot interface and adheres strictly to the security markings established by applications. This means it cannot capture images of content deemed protected, including sensitive banking interfaces.
Users with the technical preview version of Doubao Mobile Assistant can test the application by scripting an APK with protected pages. This hands-on approach enables verification that the AI cannot access or interpret these secured contents.
The READ_FRAME_BUFFER permission, cited by some netizens, is pivotal for allowing the AI to conduct background operations effectively. Doubao Mobile Assistant enables third-party applications to function within a virtual screen environment. To extract screenshot content from this virtual screen context, corresponding to methods like WindowManagerService.captureDisplay, the READ_FRAME_BUFFER permission is necessary. Importantly, this method does not allow any third-party app, including banking applications, to have its secured content read or captured.
The CAPTURE_SECURE_VIDEO_OUTPUT permission serves a distinct purpose. Given that protected pages will present a black screen in the virtual projection, this permission is essential for normal display and user interaction with such protected content. However, it is paramount to note that even after being projected, these protected pages maintain their Secure marking, ensuring they can only be viewed by users and preventing screenshots from being taken.
The operational framework of the Doubao Mobile Assistant involves a straightforward process: users provide commands, which include capturing screenshots that are then sent to the cloud-based Doubao large model for analysis. The model processes these inputs and returns specific operational instructions, which the mobile device executes sequentially until the task is completed. Each operation’s completion is followed by a screenshot upload to the cloud model for analysis, with an approximate interval of three seconds between each step.
Due to the substantial model parameters required for effective interface analysis, mobile chips currently lack the processing capability to execute these analyses locally. As a result, images must be uploaded to the cloud for processing. It is worth noting that many domestic mobile phone brands have launched similar assistant products that leverage AI functionalities, all following a comparable operational strategy and employing system permissions like READ_FRAME_BUFFER.
Crucially, Doubao Mobile Assistant emphasizes that it only captures screenshots when directly instructed by the user. It cannot access or photograph pages marked as Secure within third-party applications. The screenshots sent to the cloud model are exclusively used for visual comprehension and reasoning during the task and will not be stored once the operation concludes.
With advances in artificial intelligence and mobile technology, users can expect ever more sophisticated functionalities while enjoying robust security mechanisms to protect sensitive information. Doubao Mobile Assistant remains committed to transparency and user privacy, utilizing cutting-edge technology in a manner that prioritizes user data security.
As technologies evolve, understanding the operational methodologies of such applications is essential for consumer confidence and security. Doubao promises ongoing advancements while ensuring compliance with security protocols designed to protect users in an increasingly digital landscape.
