
>"hardware interrupts" (whatever that means)

Hardware interrupts are a standard part of computing (see https://en.wikipedia.org/wiki/Interrupt#Hardware_interrupts).

"Android also inherits the interrupt mechanism from Linux, which is designed for the efficient communication between the CPU and external devices. When new hardware events (e.g., user touching the screen) come, the corresponding hardware device (e.g., touchscreen controller) sends a signal to ask OS for immediate processing"

And, at least previously, the timing of interrupts has been used to facilitate information leakage. For example:

"Through analyzing the interrupt time series produced from touchscreen controller, attacker’s chance of cracking user’s unlock pattern is increased substantially. The interrupt time series produced from Display Sub-System reveals unique UI refreshing patterns and could be leveraged as fingerprints to identify the app running in the foreground"

https://staff.ie.cuhk.edu.hk/~khzhang/my-papers/2016-oakland...

It's been a while since I've looked closely at anything related to phones, but for decades /proc/interrupts was globally readable. It may still be.



>"Android also inherits the interrupt mechanism from Linux, which is designed for the efficient communication between the CPU and external devices. When new hardware events (e.g., user touching the screen) come, the corresponding hardware device (e.g., touchscreen controller) sends a signal to ask OS for immediate processing"

I'm not claiming interrupts don't exist, I'm claiming that they're not really a fingerprinting vector because Android is so locked down that all phones of the same model/OS version are going to have the same behavior. It might be an issue if you're using a Xiaomi phone in the US or something, but if you're a normie with an iPhone there's tens and maybe hundreds of thousands of people with the same phone in a major metro.


>I'm not claiming interrupts don't exist

I thought you were confused because you said "hardware interrupts (whatever that means)", and put it in scare quotes?

>so locked down that all phones of the same model/OS version are going to have the same behavior.

That's not how hardware interrupts work, though. The behavior is 100% user dependent. Me and you type at different speeds, times, etc. The hardware interrupts that result from me and you typing are, therefore, going to be completely distinct. The interrupt itself will be the same, but the timing of those interrupts is unique.

Whether or not /proc/interrupts remains globally readable is something I'm not confident on, but at the time of the paper (which was after sandboxing was first implemented in Android), it was globally readable and a valid side-channel for information leakage, including as a fingerprinting vector.

Hopefully that clears up what a hardware interrupt means, and why they are (or at least used to be) a valid fingerprinting technique.


On my phone running Android 15 (LineageOS) /proc/interrupts is set to readable by root only.
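
As an added example (not part of any comment in this thread): a small Python check of the point the thread ends on, whether /proc/interrupts is readable by an unprivileged process. It compares the file's mode bits with the result of an actual open(), since a security module such as SELinux can deny a read that the mode bits allow; the function names are this example's own, and it assumes a Linux system with Python available.

```python
import os
import stat

PROC_INTERRUPTS = "/proc/interrupts"  # the file discussed in the thread


def read_granted_by(mode, owner_uid, owner_gid, uid, gids):
    """Return which permission class lets `uid` read the file, or None.

    The kernel consults exactly one class: owner, else group, else other.
    uid 0 is treated as always allowed (assumes it holds CAP_DAC_OVERRIDE).
    """
    if uid == 0:
        return "root"
    if uid == owner_uid:
        return "owner" if mode & stat.S_IRUSR else None
    if owner_gid in gids:
        return "group" if mode & stat.S_IRGRP else None
    return "other" if mode & stat.S_IROTH else None


def audit(path=PROC_INTERRUPTS):
    """Compare what the mode bits say with what an actual open() does."""
    st = os.stat(path)
    uid = os.getuid()
    gids = set(os.getgroups()) | {os.getgid()}
    granted = read_granted_by(st.st_mode, st.st_uid, st.st_gid, uid, gids)
    try:
        with open(path, "rb") as fh:
            fh.read(1)
        opened = True
    except OSError:  # denied by the mode bits or by a security module policy
        opened = False
    return {
        "path": path,
        "mode": oct(stat.S_IMODE(st.st_mode)),
        "world_readable": bool(st.st_mode & stat.S_IROTH),
        "mode_bits_grant_read": granted,
        "open_succeeded": opened,
    }


if __name__ == "__main__":
    try:
        print(audit())
    except OSError as exc:  # file missing, or even stat() is denied
        print(f"cannot inspect {PROC_INTERRUPTS}: {exc}")
```

If `world_readable` is true and `open_succeeded` is true for an unprivileged user, the file is exposed as described in the paper's era; a root-only mode or a failed open matches the behaviour reported in the last comment.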



