Originally Posted by juiceme On a more-or-less standard Android device this attack might be rolled into a generic package that can take control of the device and either used to leak data or use it as a part of a botnet. But that's exactly my point! You do not need to exploit any vulnerability or become root to do any of the things you mention. I know that especially Linux users like to think in terms of root vs non-root and yes, root can cause a damage to the system, but the days when the system was the part worth protecting are gone by at least two decades. Wake up to the 21st century, people. The system is replaceable. The bits that need protecting are your user data. Those do not need a root access to be compromised.
On a more-or-less standard Android device this attack might be rolled into a generic package that can take control of the device and either used to leak data or use it as a part of a botnet.
Originally Posted by juiceme TLDR; probably you are safe in any case. If you do not install Alien Dalvik at all, you certainly are safe. Again, my argument is that you are not safe. You might be safe from an overhyped threat of the week but you are totally unprotected against any potential malicious activity any native Sailfish application may want to do. (Case in hand: the flashlight app, the first Sailfish malware that sprung up just weeks after Sailfish was first released.)
TLDR; probably you are safe in any case. If you do not install Alien Dalvik at all, you certainly are safe.