this post was submitted on 23 Jul 2025
41 points (100.0% liked)
Cybersecurity
7945 readers
23 users here now
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub
Notable mention to !cybersecuritymemes@lemmy.world
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
@floofloof "TapTrap works even on the latest Android version, Android 16. We reported this issue to Google and major browser vendors in 2024. Browsers have fixed the issue as of July 2025, but Android itself remains vulnerable (see the disclosure timeline for details)."
JFC, Google
It then mentions that the underlying issue was independently reported to Google by another researcher in early 2023. So they have had more than two years.
For some single-person or even small group project, I can understand not having time to deal with something. At the point that it is a large, commercial entity and running a lot of the world's devices, there should be legal implications for such negligence.
With that kind of timeline, maybe its a feature and not a bug. Just not a feature users want or need.