Google Pixel Phones Have Security Flaw, Palantir Stops Using Android

Data analytics firm Palantir has announced it will discontinue the use of Android devices due to troubling responses from Google regarding a significant security vulnerability. Researchers from iVerify have identified a flaw in an application developed by Smith Micro for Verizon, which has been present in all Pixel Android releases since September 2017. This vulnerability could allow attackers to manipulate and take control of affected devices, raising serious security concerns for users. The problematic application, designed for retail demo purposes, possesses deep system privileges, including remote code execution capabilities. It downloads configuration files over unencrypted HTTP connections, making it susceptible to hijacking. Despite iVerify disclosing these findings to Google in early May, the tech giant has yet to implement a fix. Google spokesperson Ed Fernandez stated that the application, known as Showcase, is no longer in use by Verizon and will be removed from supported Pixel devices in an upcoming software update. Palantir's Chief Information Security Officer, Dane Stuckey, expressed frustration over Google's slow response, prompting the company to phase out all Android devices to safeguard customer data. The researchers noted that while the vulnerability primarily affects Pixel phones, it may also be present in other Android devices. Google has indicated it is notifying other manufacturers about the issue, but concerns remain about the potential for exploitation.