@phoneboy The Android fun continues: https://github.com/commonsguy/AutofillFollies > Google's engineers on the security issue admit that the flaw exists and that it would be difficult, if not impossible, to defend against malicious activities. > > As such, Google is taking the approach of dumping this issue on the laps of the developers of autofill services. That is the context for the quote at the top; Google believes that well-crafted autofill services will resolve this issue. In the issue, Goog

@phoneboy The Android fun continues: https://github.com/commonsguy/AutofillFollies

Google's engineers on the security issue admit that the flaw exists and that it would be difficult, if not impossible, to defend against malicious activities.
>
> As such, Google is taking the approach of dumping this issue on the laps of the developers of autofill services. That is the context for the quote at the top; Google believes that well-crafted autofill services will resolve this issue. In the issue, Google has stated that their own autofill service implementation that ships pre-installed and pre-enabled on Android 8.0 will be well-crafted.

I don't know how they expect well-crafted anything to predominate on Android after all these years. >.>

/@jussipekonen @kdfrawg @gtwilson

2017-08-09T12:07:11Z