It was the Google's nearby connections API that was vulnerable, I read the research paper linked in your post, not fully offcourse, I find it little boring to read reseasrch papers, they are usually very big, me also lazy panda :). Its a nice read. Thanks for sharing!