Haha, there has to be a proper security system/ecosystem on Android to be interesting to break, not one that effectively needs giving every app you want to share a single photo with the entire filesystem access, for example.
I recently tried Android again on Pixel 3 and effectively I have to find a way to send a file to an app without the storage permission. Is that an app-specific thing? I have yet to find an app that doesn’t do that. I understand the issues with the older versions that required install-time permission grant and this is not that issue.
Android still allowed a workaround for older apps, as the old OS behavior will be done for apps that still target older versions.
This is no longer allowed for new apps since January, as the minimum allowed version to be targeted is Oreo (8.1).
Regarding the storage, with Oreo as minimum version, the changes introduced in Nougat will be enforced: just like with UWP and iOS, only indirect access is allowed (SAF).
I remember seeing more Google product related articles on their blog up until a couple of years ago. Then they stopped or slowed down, or at least they seem to concentrate a lot more on Apple and Microsoft. I guess some bugs are disclosed internally and fixed before they go public and some may not warrant blog posts.
I am sure they're working on finding bugs in Google code but just like any other company they're not going to shoot themselves in the foot by advertising these internal findings more than needed.
Just to take a look I opened the Project Zero main blog page and the newest article was on a bug in https://github.com/google/skia/ so I'm not sure I can take your comment with any ounce of credibility.
https://googleprojectzero.blogspot.com/2019/02/the-curious-c...