A fix is coming, but data analytics giant Palantir says it’s ditching Android devices altogether because Google’s response to the vulnerability has been troubling.
  • Jackthelad@lemmy.worldEnglish
    45·
    6 个月前

    iVerify vice president of research Matthias Frielingsdorf points out that while Showcase represents a concerning exposure for Pixel devices, it is turned off by default. This means that an attacker would first need to turn the application on in a target’s device before being able to exploit it. The most straightforward way to do this would involve having physical access to a victim’s phone as well as their system password or another exploitable vulnerability that would allow them to make changes to settings.

    Just a bit of alarmism then, with something that can be easily removed in an update.

    • evo@sh.itjust.worksEnglish
      26·
      6 个月前

      The app isn’t enabled by default so stock Pixels aren’t even vulnerable without physical access to an unlocked device.

    • BakedCatboy@lemmy.mlEnglish
      8·
      6 个月前

      I couldn’t find the APK on my pixel 5 running lineage so I think only stock-based roms should be affected. I checked using an APK extractor app that lists all system apps including things like 3 button navigation bar.

  • AmbiguousProps@lemmy.todayEnglish
    10·
    6 个月前

    I have doubts that this apk is enabled and running on all pixels, it’s especially not on custom roms such as Graphene (I just checked my own).

    • LostXOR@fedia.io
      81·
      6 个月前

      Yeah, doesn’t look like it affects GrapheneOS. More validation of my choice to run Graphene I guess.

      • DarkThoughts@fedia.io
        12·
        6 个月前

        I’m too stupid to install it. Would’ve liked to plonk it on my old tablet instead of throwing it into the trash.

        • unrushed233@lemmings.worldEnglish
          6·
          6 个月前

          It’s only compatible with modern Pixel devices, so unless you’re old tablet is a Google Pixel Tablet, you can’t install it anyway. But the installer is super easy to use (if you have a compatible device). It’s literally all in your web browser.

          • DarkThoughts@fedia.io
            21·
            6 个月前

            It’s an old Xperia Z4 and there’s a few custom images on the forums. But the “how to” suggest using a tool that does not even exist in that version and is otherwise so sparse on information that I gave up after that.

            • unrushed233@lemmings.worldEnglish
              1·
              6 个月前

              I don’t recommend installing random builds from forums like XDA. GrapheneOS definitely doesn’t have an official version for anything other than Pixels, you might want to try LineageOS if you want to throw the tablet out anyway

                • unrushed233@lemmings.worldEnglish
                  1·
                  6 个月前

                  Oh man, I just looked up the Xperia Z4 and noticed that it’s like 10 years old. Can’t say that I’m surprised that there are basically no ROMs.