# Nearly All Google Pixel Phones Are Left Exposed by Unpatched Flaw in Hidden Android App  ## About - Author: Lily Hay Newman - Title: Nearly All Google Pixel Phones Are Left Exposed by Unpatched Flaw in Hidden Android App - Tags: #articles - URL: https://www.wired.com/story/google-android-pixel-showcase-vulnerability/ ## Highlights On Thursday, though, researchers from the mobile device security firm iVerify are publishing findings on an Android vulnerability that seems to have been present in every Android release for Pixel since September 2017 and could expose the devices to manipulation and takeover. The issue relates to a software package called “Showcase.apk” that runs at the system level and lurks invisible to users. The application was developed by the enterprise software company SmithMicro for Verizon as a mechanism for putting phones into a retail store demo mode—it is not Google software. Yet for years, it has been in each Android release for Pixel and has deep system privileges, including remote code execution and remote software installation. Even riskier, the application is designed to download a configuration file over an unencrypted HTTP web connection that iVerify researchers say could be hijacked by an attacker to take control of the application and then the entire victim device. - Note: Well that's leaving the backdoor wide open. ---