A fix is coming, but data analytics giant Palantir says it’s ditching Android devices altogether because Google’s response to the vulnerability has been troubling.
According to the article, the culprit is showcase.apk, an in-store demo app. I couldn’t find it on my P5 running lineage so hopefully that means AOSP / custom roms not based on stock roms are not affected.
The app is also not enabled even on a stock ROM, so the attacker would need to have physical access to your phone, and your password to enable the app before this man-in-the-middle attack could even be performed.
According to the article, the culprit is showcase.apk, an in-store demo app. I couldn’t find it on my P5 running lineage so hopefully that means AOSP / custom roms not based on stock roms are not affected.
The app is also not enabled even on a stock ROM, so the attacker would need to have physical access to your phone, and your password to enable the app before this man-in-the-middle attack could even be performed.