iVerify discovered an Android package, "Showcase.apk," with excessive system privileges, including remote code execution and remote package installation capabilities, on a very large percentage of Pixel devices shipped worldwide since September 2017.
It’s still a question of why an app with elevated permissions was packaged in the firmware, but yeah it doesn’t look like the exploit itself is easy to do.
it looks like it’s not as bad as originally seems https://grapheneos.social/@GrapheneOS/112967309987371034
Oh, just an annoying marketing stunt. Capitalism distracts me once again.
It’s still a question of why an app with elevated permissions was packaged in the firmware, but yeah it doesn’t look like the exploit itself is easy to do.