Google has worked hard to make Android as secure as possible, but as with any operating system, security issues occasionally pop up. One flaw allowed malicious apps to be downloaded on Google Pixel phones, and has now been patched.
A hidden and insecure feature within Google's software for some Android phones has been discovered. Security firm iVerify found the feature, called Showcase.apk, on phones at a U.S. intelligence contractor. The app, normally dormant, appears designed to give deep access to devices for demonstration purposes, but researchers were able to turn it on. The discover prompted data analytics company Palantir Technologies (best known for helping the Trump administration deport immigrants from the United States) to ban the use of Android phones internally, with an executive saying, "This was very deleterious of trust... We have no idea how it got there."
The app's insecurity lies in its ability to download instructions from an insecure web address, leaving it open to interception and manipulation. iVerify warned, "The app vulnerability leaves millions of Android Pixel devices susceptible to man-in-the-middle attacks, giving cybercriminals the ability to inject malicious code and dangerous spyware."
iVerify contacted Google over 90 days ago but received no indication of a fix until Wednesday night, when Google told The Washington Post it would issue an update to remove the application. Google maintains it has not seen any hacking through Showcase and that exploitation would require both physical access and the user's password. However, the fact that this oversight is present as the app is included in Google-made Pixel phones, known for their prompt security updates, is concerning at least.
This is another great reminder to keep your Android phone up to date, and install security patches as soon as they are available. Once a fix for security issues like this one is available, you can keep yourself protected.
The above is the detailed content of Security Flaw Allowed Remote App Installs on Android Phones. For more information, please follow other related articles on the PHP Chinese website!
How to Get Android 14's Predictive Back Gesture on Your Android 13 Phone Right Now May 09, 2025 am 10:07 AMAndroid 14's Predictive Back Gesture: A Sneak Peek Before You Go Back Android's back gesture, a staple of navigation, has been both helpful and frustrating. Its system-wide functionality can be unpredictable. Google's solution? A predictive back g
Force Apps to Use Android's Transparent System Navigation Bar if They Don't Already Support It May 09, 2025 am 09:16 AMThe Android system's navigation bar (gestures or buttons) has always seemed a bit clumsy, mainly because app developers have not taken full advantage of existing tools. But Google is developing a new feature that promises to eventually make your navigation bar more unified across apps. Since Android 10 was introduced, gesture navigation systems have become the default method to switch between apps, jump to the home screen, and return between apps. However, if you want to use it, the three-button navigation bar still exists. Either way, Android app developers can use tools to make the system navigation bar transparent for a more seamless experience. Many developers do use the available APIs to adjust the system navigation bar
Top Tech Deals: Google Pixel 9, iPad Mini, Beats Earbuds, and More!May 09, 2025 am 03:03 AMThis week's tech deals are too good to miss! Score significant savings on top-tier gadgets, including the Google Pixel 9, a new Mac Mini, and various accessories. Check out our curated selection of the best tech deals below. Google Pixel 9: $599 (S
Why You Should Get a Phone Dock for Your TVMay 09, 2025 am 03:02 AMYour Phone: The Ultimate TV Hub You've Been Overlooking While streaming boxes and game consoles are common TV additions, your phone might be the most versatile and essential upgrade you need. Modern smartphones are surprisingly powerful, often rival
Enable Spatial Audio on Your Pixel Smartphone for Surround Sound Everywhere You Go May 08, 2025 am 10:37 AMExperience immersive audio with the latest Pixel smartphone feature: Spatial Audio! This innovative technology creates a home theater experience in your pocket, making your streaming videos and music more captivating than ever before. Sound appears
The Easiest Way to Blur Faces in Videos on Your Android Phone May 08, 2025 am 09:56 AMEasily blur faces in your videos using PutMask! Video editing on mobile can be resource-intensive, but this app simplifies the process of pixelating faces. Unlike desktop software, PutMask automates the complex task of face tracking, making it a br
Every Phone I've Owned Since 2010, RankedMay 08, 2025 am 03:01 AMA Techie's Top Phones: A Personal Retrospective As a tech enthusiast, I've owned countless phones, each a time capsule of a specific life stage. This list showcases my personal favorites, encompassing devices used extensively, often with accompanyin
This 200W 4-Port USB-C Charger From UGREEN Is 30% Off TodayMay 08, 2025 am 01:04 AMUGREEN Nexode 200W Four-Port Charger Review: Efficient Charging, One-Stop Solution This four-port USB-C charger can have a maximum power of 200W and a single-port maximum output power of 140W, providing fast charging for high-performance devices such as MacBook Pro, Dell XPS and HP. Amazon Buy Link If you need a wall charger that can charge all USB Type-C and Type-A devices, the UGREEN Nexode 200W charger will be the perfect choice for you. It has four charging ports and is currently priced at $70, which is 30% off the original price. The charger comes with three USB Type-C ports and one USB
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
DVWA
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software
Atom editor mac version download
The most popular open source editor
VSCode Windows 64-bit Download
A free and powerful IDE editor launched by Microsoft
SublimeText3 Mac version
God-level code editing software (SublimeText3)
ZendStudio 13.5.1 Mac
Powerful PHP integrated development environment
