Potential bug in Android ecosystem may expose other users’ Google Photos on Android TV devices: Report

By Digit NewsDesk | Published on 05 Mar 2019

According to a string of tweets by an Android TV user, he could access all the accounts linked to an Android TV device.

Potential bug in Android ecosystem may expose other users’ Google Photos on Android TV devices: Report

Want to modernise your banking loan application?

Build an application that analyses credit risk with #IBMCloud Pak for Data on #RedHat #OpenShift

Click here to know more



  • Potential bug gives access to all accounts connected to Android TV
  • It can also allow users to display photos of these linked account on the platform
  • Google has launched a probe into the issue


UPDATE: After Google, Vu Televisions have responded to the issue. "Vu Televisions were recently informed about a malfunction of the Google Home App in an Android TV. After verifying the incident Vu Televisions informed Google who has confirmed it was a software malfunction of the Google Home App. We thank our customer who brought this to our notice, and we can confirm that Google is rectifying their fault immediately. Vu Televisions is known for its excellent and responsive customer service, and is the only television brand with an ISO 9001 service center," the company said.

Bugs have been infamous for leaking out private data in public domain, and in a latest development, Google’s Android ecosystem is at the centre of a controversy. A twitter user has found that he has access to all the accounts connected to an Android TV (Android OS modified for TVs) device as well as to the Google Photos app linked to these accounts. What’s horrifying is that he has the power to display personal photos of those those account holders on Android TV through the Ambient Mode screensaver settings.

Brought to the fore by Twitter user prashanth, the bug was claimed to be found in Android TV and the Google Home app. When the user tried to access his VU Android TV device through the Google Home app, he could check out the linked accounts of a lot of users. Earlier it was thought that the the issue was only in the TVs manufactured by VU, however, another user claimed that the bug is not restricted to the manufacturer, but may be related to Android TV, Google accounts or the Google Home app.

The Twitter user claims that he reset the Android TV, which prevented them from accessing any image on Google Photos, even their own. There are possibilities that the toggle shown in the video may be “enabled”, but the photos of strangers weren’t actually shown, and just the accounts were listed. Nonetheless, it is a matter of privacy concern that should not be overlooked. Reportedly, This VU TV runs Android 7 and has not received any security patches since 2017.

Meanwhile, Google has responded to the issue and has launched an investigation into the matter. “We take our users’ privacy extremely seriously. While we investigate this bug, we have disabled the ability to remotely cast via the Google Assistant or view photos from Google Photos on Android TV devices,” Google was quoted as saying. There is very little news about the Android TV updates and patches. However, Google has already announced that it will bring the Android 9 Pie update for Android TV.

Related Read:

Adiantum is Google’s latest security innovation to enable encryption on less powerful devices

Digit NewsDesk

The guy who answered the question 'What are you doing?' with 'Nothing'.

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.

DMCA.com Protection Status