Google Pixel Security Flaw Could “Facilitate Tracking” – Fix Releasing on Tuesday

Author Photo
Dec 30, 2016
11Shares
Share Tweet Submit

Reports suggest that Google’s latest Pixel and Pixel XL are facing a camera-related security issue that could “facilitate tracking”. Google is reportedly already working on a fix internally, which is expected to be released next week.

Pixel camera issue could “facilitate tracking”

Google releases security updates to its Android devices every month. However, as a new camera-related security issue on the Pixel and Pixel XL proves, security problems will always slip through. Folks at 9to5Google spotted a commit to the Pixel AOSP that said that “the serial number for the HTC-made front facing camera sensor changes between different devices”. This identification of camera sensor changes could potentially allow third-party apps to track individual devices.

Camera sensor’s serial number, stored in system property htc.camera.sensor.front_SN, appears to change between different devices and could thus facilitate tracking.

Considering the security concerns of any loopholes that lead to tracking capabilities, Google has already issued a fix internally yesterday that restricted “access to camera sensor’s serial number” for various parts of the system, preventing other apps from having access to it.

This commit restricts access to this system property to cameraserver and dumpstate and shell SELinux domains.

Test: Camera works, serial number property still available via ADB, but not readable by apps.

Pixel and Pixel XL are considered to be the best Android phones of the year, getting timely security and feature updates, and sporting top of the line specs. However, similar to this year’s iPhone 7 duo, the Pixel lineup has also faced a number of issues, from battery shutdowns to freezing issues and audio problems.

Google Pixel Users Are Now Complaining That Their Phones Shut Off at 30% Battery Capacity

Google is expected to release the first security patch of 2017 a day later than expected due to New Year’s eve. Interestingly, LG has already posted a January security bulletin that says the company will be fixing a total of 81 vulnerabilities (that includes 8 specific to LG devices). Google will likely send a patch for this particular Pixel security issue with January’s security update, planned for Tuesday next week.

Share Tweet Submit