By using this site, you agree to the Privacy Policy and Terms of Use.
Accept

News Junction

Notification Show More
Font ResizerAa
  • Home
  • World News
    World NewsShow More
    Trump reveals difficult relationship with Zelensky — RT World News
    Trump reveals difficult relationship with Zelensky — RT World News
    May 20, 2025
    Stock market news today: live updates
    Stock market news today: live updates
    May 20, 2025
    Canada, U.K., France warn Israel of ‘concrete action’ over military expansion – National
    Canada, U.K., France warn Israel of ‘concrete action’ over military expansion – National
    May 20, 2025
    My first thought when I heard Joe Biden’s news
    My first thought when I heard Joe Biden’s news
    May 19, 2025
    NH mom, two daughters share rare medical condition
    NH mom, two daughters share rare medical condition
    May 19, 2025
  • Business
    BusinessShow More
    Ukraine blows up bridges to consolidate its positions in Russia
    Ukraine blows up bridges to consolidate its positions in Russia
    August 18, 2024
    Commentary: AI phones from Google and Apple will erode trust in everything
    Commentary: AI phones from Google and Apple will erode trust in everything
    August 18, 2024
    The most famous Indian Dishes – Insights Success
    The most famous Indian Dishes – Insights Success
    August 18, 2024
    Life on the road as a female long rides cyclist
    Life on the road as a female long rides cyclist
    August 18, 2024
    UK inflation rises to 2.2%
    UK inflation rises to 2.2%
    August 18, 2024
  • Cryptocurrency
    CryptocurrencyShow More
    Circle reportedly weighing sale to Coinbase or Ripple despite IPO plans
    Circle reportedly weighing sale to Coinbase or Ripple despite IPO plans
    May 20, 2025
    Lido DAO price revisits key support level: what next for LDO?
    Lido DAO price revisits key support level: what next for LDO?
    May 20, 2025
    Ripple Labs Deploys XRP Ledger to Boost Financial Inclusion and Income for Smallholder Agriculture in Colombia
    Ripple Labs Deploys XRP Ledger to Boost Financial Inclusion and Income for Smallholder Agriculture in Colombia
    May 20, 2025
    On-Chain Oscillator Shows Bitcoin Far From Cycle Peak – Can BTC Push Above ATH?
    On-Chain Oscillator Shows Bitcoin Far From Cycle Peak – Can BTC Push Above ATH?
    May 19, 2025
    Tornado Cash Dev Roman Storm’s Defense Team Wants to Know if DOJ Withheld Evidence
    Tornado Cash Dev Roman Storm’s Defense Team Wants to Know if DOJ Withheld Evidence
    May 19, 2025
  • Technology
    TechnologyShow More
    How to Improve Your Spotify Recommendations
    How to Improve Your Spotify Recommendations
    August 18, 2024
    X says it’s closing operations in Brazil
    X says it’s closing operations in Brazil
    August 18, 2024
    Supermoon set to rise: Top tips for amateur photographers | Science & Tech News
    Supermoon set to rise: Top tips for amateur photographers | Science & Tech News
    August 18, 2024
    Scientists Want to See Videos of Your Cat for a New Study
    Scientists Want to See Videos of Your Cat for a New Study
    August 18, 2024
    OpenAI’s new voice mode let me talk with my phone, not to it
    OpenAI’s new voice mode let me talk with my phone, not to it
    August 18, 2024
  • Entertainment
  • Sports News
  • People
  • Trend
Reading: Nearly All Google Pixel Phones Exposed by Unpatched Flaw in Hidden Android App
Share
Font ResizerAa

News Junction

  • World News
  • Business
  • Technology
  • Cryptocurrency
  • Trend
  • Entertainment
Search
  • Recent Headlines in Entertainment, World News, and Cryptocurrency – NewsJunction
  • World News
  • Business
  • Cryptocurrency
  • Technology
  • Entertainment
  • Sports News
  • People
  • Trend
Have an existing account? Sign In
Follow US
News Junction > Blog > Trend > Nearly All Google Pixel Phones Exposed by Unpatched Flaw in Hidden Android App
Nearly All Google Pixel Phones Exposed by Unpatched Flaw in Hidden Android App
Trend

Nearly All Google Pixel Phones Exposed by Unpatched Flaw in Hidden Android App

Published August 15, 2024
Share
4 Min Read
SHARE

Google’s flagship Pixel smartphone line touts security as a centerpiece feature, offering guaranteed software updates for seven years and running stock Android that’s meant to be free of third-party add-ons and bloatware. On Thursday, though, researchers from the mobile device security firm iVerify are publishing findings on an Android vulnerability that seems to have been present in every Android release for Pixel since September 2017 and could expose the devices to manipulation and takeover.

The issue relates to a software package called “Showcase.apk” that runs at the system level and lurks invisible to users. The application was developed by the enterprise software company Smith Micro for Verizon as a mechanism for putting phones into a retail store demo mode—it is not Google software. Yet for years, it has been in each Android release for Pixel and has deep system privileges, including remote code execution and remote software installation. Even riskier, the application is designed to download a configuration file over an unencrypted HTTP web connection that iVerify researchers say could be hijacked by an attacker to take control of the application and then the entire victim device.

iVerify disclosed its findings to Google at the beginning of May, and the tech giant has not yet released a fix for the issue. Google spokesperson Ed Fernandez tells WIRED in a statement that Showcase “is no longer being used” by Verizon, and Android will remove Showcase from all supported Pixel devices with a software update “in the coming weeks.” He added that Google has not seen evidence of active exploitation and that the app is not present in the new Pixel 9 series devices that Google announced this week. Verizon and Smith Micro did not respond to WIRED’s requests for comment ahead of publication.

“I’ve seen a lot of Android vulnerabilities, and this one is unique in a few ways and quite troubling,” says Rocky Cole, chief operating officer of iVerify and a former US National Security Agency analyst. “When Showcase.apk runs, it has the ability to take over the phone. But the code is, frankly, shoddy. It raises questions about why third-party software that runs with such high privileges so deep in the operating system was not tested more deeply. It seems to me that Google has been pushing bloatware to Pixel devices around the world.”

iVerify researchers discovered the application after the company’s threat-detection scanner flagged an unusual Google Play Store app validation on a user’s device. The customer, big data analytics company Palantir, worked with iVerify to investigate Showcase.apk and disclose the findings to Google. Palantir chief information security officer Dane Stuckey says that the discovery and what he describes as Google’s slow, opaque response has prompted Palantir to phase out not just Pixel phones, but all Android devices across the company.

“Google embedding third-party software in Android’s firmware and not disclosing this to vendors or users creates significant security vulnerability to anyone who relies on this ecosystem,” Stuckey tells WIRED. He added that his interactions with Google throughout the standard 90-day disclosure window “severely eroded our trust in the ecosystem. To protect our customers, we have had to make the difficult decision to move away from Android in our enterprise.”

#Google #Pixel #Phones #Exposed #Unpatched #Flaw #Hidden #Android #App

TAGGED:androidappCyberattackscybersecurityexposedFlawGooglehackinghackshiddenphonesPixelsecurityunpatchedVerizonvulnerabilities
Share This Article
Facebook Twitter Pinterest Whatsapp Whatsapp LinkedIn Email Copy Link Print
Share
What do you think?
Love0
Sad0
Happy0
Sleepy0
Angry0
Dead0
Wink0
Previous Article BBC Breakfast fans swoon over ‘absolutely gorgeous’ Carol Kirkwood as she shrugs off illness in ‘lovely’ floral dress after health update BBC Breakfast fans swoon over ‘absolutely gorgeous’ Carol Kirkwood as she shrugs off illness in ‘lovely’ floral dress after health update
Next Article Gaming Aim Training Tournaments : playdays the gauntlet Gaming Aim Training Tournaments : playdays the gauntlet
- Advertisement -

Latest Post

Trump reveals difficult relationship with Zelensky — RT World News
Trump reveals difficult relationship with Zelensky — RT World News
World News
Circle reportedly weighing sale to Coinbase or Ripple despite IPO plans
Circle reportedly weighing sale to Coinbase or Ripple despite IPO plans
Cryptocurrency
Stock market news today: live updates
Stock market news today: live updates
World News
Lido DAO price revisits key support level: what next for LDO?
Lido DAO price revisits key support level: what next for LDO?
Cryptocurrency
Ripple Labs Deploys XRP Ledger to Boost Financial Inclusion and Income for Smallholder Agriculture in Colombia
Ripple Labs Deploys XRP Ledger to Boost Financial Inclusion and Income for Smallholder Agriculture in Colombia
Cryptocurrency
Canada, U.K., France warn Israel of ‘concrete action’ over military expansion – National
Canada, U.K., France warn Israel of ‘concrete action’ over military expansion – National
World News
- Advertisement -

You Might Also Like

Gold Leaf-Topped Sliders : Rich N Famous
Trend

Gold Leaf-Topped Sliders : Rich N Famous

January 28, 2024
Samsung Galaxy S24 Ultra reportedly tramples iPhone 15 Pro Max in display reflectivity thanks to Corning Gorilla Armor
Trend

Samsung Galaxy S24 Ultra reportedly tramples iPhone 15 Pro Max in display reflectivity thanks to Corning Gorilla Armor

January 22, 2024
Top 100 Hair Trends in 2023
Trend

Top 100 Hair Trends in 2023

January 21, 2024
Lenovo Legion Pro 7i powered by RTX 4080 and Core i9-13900HX gets whopping US0 discount at B&H photo
Trend

Lenovo Legion Pro 7i powered by RTX 4080 and Core i9-13900HX gets whopping US$600 discount at B&H photo

August 4, 2023

About Us

NEWS JUNCTION (NewsJunction.xyz) Your trusted destination for global news. Stay informed with our timely and accurate reporting on diverse topics, including politics, technology, science, entertainment, sports, and more. Count on us for unbiased and reliable updates at your fingertips.

Quick Link

  • About
  • Disclaimer
  • Privacy Policy
  • Terms of Use
  • Contact

Top Categories

  • World News
  • Business
  • Technology
  • Entertainment
  • Cryptocurrency
  • Sports News
  • Trend
  • People

Subscribe

Subscribe to our newsletter to get our newest articles instantly!

    © 2023 News Junction.
    • Blog
    • Advertise
    • Contact
    Welcome Back!

    Sign in to your account

    Username or Email Address
    Password

    Lost your password?