One has to wonder about the future and the motivation for the open source Android anymore. Some conspiracy-theory-inclined folks have speculated that the master plan all along has been to attract people to the open-source Android, then slowly get the thought leaders/developers hooked on Google Play Services with proprietary
lock-in i mean value add. Surprisingly, leaving gaping holes in what seems to be a poorly maintained open-source alternative codebase fits right into such hypothetical plan:
Currently, there is not much that users can do to avoid this problem. They can opt to use [mobile] browsers that are not affected by this vulnerability, such as Chrome or Firefox.
…and then just let FUD as well as real security fiascos put the open-source alternative to rest. Of course, personally I’m not into conspiracy theories, but it would be upsetting if the events took a turn in that direction. As a user, I chose Android because it’s very hackable in a good sense, and because it’s open. It would be really sad to see any of that change.