It is worrisome, but there is relatively good news. Google already issued a patch that partially mitigates the problem. That patch limits the activities an app can invoke blur on, the function that allows transparent layers, and is what a pixnapping attack uses to capture data. But researchers have found a workaround. The attack, however, is not easy to carry out, and you need to install a malicious Android app first, then open it. Unfortunately, the malicious app does not need extra permissions...
