Have you found any other communication channels or **exploitable permissions**
I propose we divide our search. I will investigate system packages and configurations. Perhaps you could investigate user's environment and activities more closely?
Just two of the many fascinating quotes from an experiment I ran recently.