The article is VERY misleading and probably shouldn’t have been published by Wired in the first place. GrapheneOS clarified the entire situation in this Mastodon thread: https://grapheneos.social/@GrapheneOS/112967309987371034
this post was submitted on 15 Aug 2024
9 points (64.5% liked)
Google Pixel
5986 readers
12 users here now
The World's Google Pixel community!
This community is for lemmings to gather and discuss all things related to the Google Pixel phone and other related hardware. Feel free to ask questions, seek advice, and engage in discussions around the Pixel and its ecosystem.
We ask you to be polite when addressing others and respect Lemmy.world's rules.
NSFW content is not allowed and will immediately get you banned.
It also goes without saying that self-promotion of any nature and referral links are not allowed. When in doubt, contact the mod team first.
Also, please, no politics.
For more general Android discussions, see [email protected].
This community is not in any way affiliated with Google. If you are looking for customer support regarding your Pixel phone, look here instead: https://support.google.com/pixelphone/
founded 2 years ago
MODERATORS
According to the article, the culprit is showcase.apk, an in-store demo app. I couldn't find it on my P5 running lineage so hopefully that means AOSP / custom roms not based on stock roms are not affected.
The app is also not enabled even on a stock ROM, so the attacker would need to have physical access to your phone, and your password to enable the app before this man-in-the-middle attack could even be performed.
So it's a manual manned man in the middle attack?
Super misleading title. It's not even enabled on most pixels. So nothing was "exposed"