Autofill Services and Security

If you are developing an autofill service for Android 8.0 – and, in
particular, if Google is not working with you on that service – I strongly
encourage you to read this white paper
that I just published.



In a nutshell, with Android 8.0 autofill, malicious activities can request
autofill data via invisible widgets, or via widgets that cannot be seen for
other reasons. Google feels that it is the responsibility of autofill service
developers to deal with this case. So, if you are developing an autofill
service, you need to solve this problem... despite little current documentation
on how to solve this problem.



In the paper, I describe the issue in greater detail and provide Google's
recommendations on what to do. Eventually, those recommendations will (hopefully)
roll into official documentation and sample apps from Google. However,
with the O Developer Preview series completed and the official release of
Android 8.0 coming up soon, autofill service developers do not have time
to waste waiting for Google to explain what is required to try to mitigate
this security problem. That's why I published the aforementioned
white paper,
so that developers racing to implement autofill services have a chance of
handling this case.



Personally, I will be turning off autofill on my "daily driver" Android devices,
once they get the update to Android 8.0. I am not a security researcher nor a malware
author. So, if a schmuck like me can find problems like this, I worry that there are many more
problems of which I am unaware. Since I rarely find myself typing in
autofill-style information into my devices, I would rather avoid any attendant
risks with autofill.

Published on August 08, 2017 06:08