@divested @lhn
This is a Verizon demo app included in the stock Pixel OS which doesn't run without being explicitly set up. A user would need to unlock the device, enable developer options (requires lock method), enable ADB, plug the phone into a computer, authorize ADB access and set up the application to run. An attacker would then need to find a vulnerability to exploit the fact that it fetches a configuration file over HTTP and then exploit the OS from the access they gain from there.
=> More informations about this toot | View the thread | More toots from GrapheneOS@grapheneos.social
=> View divested@infosec.exchange profile | View lhn@mastodon.online profile
text/geminiThis content has been proxied by September (3851b).