Whoops! It seems there was a bug in the Android TV function that allows you to set your screensaver function to show your Google Photos, a reasonably serious bug that (given the right circumstances) allowed other users to view your photo stream.

The tweet above shows what the user was greeted with when trying to setup the ambient mode screensaver, hundreds and and hundreds of Google accounts that he seemingly had availability of photo streams from. Fortunately the photo streams didn’t work, so perhaps Google knew of this already and were working on a fix?

Following the Twitter conversation, Google’s response was to check in with the TV manufacturer. Android Police has already done the legwork in contacting the TV manufacturer and Google about the potential for privacy breach with this bug getting the following from Google

“We take our users’ privacy extremely seriously. While we investigate this bug, we have disabled the ability to remotely cast via the Google Assistant or view photos from Google Photos on Android TV devices.”

and this from Vu Technologies:

We were recently notified that there was a malfunction of Google Home App in some of the Android TVs. After verifying the incident we have informed our customers that it was not an issue of Vu Television but it was software malfunction of the Google Home App. We take your privacy very seriously. Vu has a long-standing commitment to protecting the privacy of the personal information that our customers entrusts to us.

Which is interesting given Google’s initial response, but it’s comforting to know that the issue has been resolved and photo streams re-enabled.

What’s more disturbing is how this happened in the first place.

Source: Preshanth.
Via: Android Police.
1 Comment
Inline Feedbacks
View all comments
Damien Robinson

I’ve had this issue with my home app and my android tv for about a year. I have over 1000 connected accounts to my android tv (I stopped counting at 900 and I was nowhere near the bottom of the screen). I messaged Google and never heard back. I’m glad it’s not just me and it was very disconcerting to see so many names and account pictures attached to one of my devices with no way of getting rid of them…