Comment by Taterr
8 hours ago
So we should just accept that all apps must treat android notifications as a compromised communication channel?
The scammers will find some other way to abuse the very generous permissions allowed by an android app if you prevent the notification attack.
> So we should just accept that all apps must treat android notifications as a compromised communication channel?
Look, that's an OS issue, not an app distribution issue. If I could use the trusted, vetted software from F-Droid I wouldn't need to worry about this sort of attack.