46
Discussion: Is Android Doing Enough to Protect Your Privacy? (infosec.pub)
submitted 8 months ago by henfredemars@infosec.pub to c/android@lemdro.id
25 comments fedilink hide all child comments

Google claims that privacy is a priority, and perhaps it is, but we can't deny there's an essential conflict of interest between protecting your privacy and Google being an advertising company.

Recent events in this space include Google's new Ad Topics framework, which purports to offer users more control. I feel it's an improvement over cookies, but having my device participate in tracking me is backwards. After all, my device should be protecting my privacy first, not implementing features to track my behavior.

Data "nutrition labels" in the Play Store are a step forward by encouraging proactively a discussion about how user data is processed and used. On the other hand, recent attempts at DRM for the web in Chrome remind us that the main vendor behind Android doesn't always have user interests at heart.

Is Android doing enough to keep your data safe? If not, what steps could reasonably improve the situation?

In sharing your opinion, please take care to distinguish between Google the company and Android the product. While related, given Google may have privacy issues in one line of business doesn't necessarily define privacy practices on the Android platform. Also, another interesting angle includes what's best for you versus what's best for users as a whole. For example, a privacy feature, to be successful, needs to be reasonably understandable by most users and offer a net benefit without complicating the platform for casual users.

all 26 comments
sorted by: hot top controversial new old
[-] mlfh@lemmy.ml 26 points 8 months ago

Any proclaimed prioritization of privacy or privacy improvements in stock Android serve only to bring your data more directly under the control of Google at the expense of other entities, so that those other entities must pay Google as a middleman to your data. On stock Android, there is no privacy - Google has access to everything, always.

In my opinion, one step that could reasonably be taken to improve the situation is for Google to go fuck itself, lose every anti-trust suit brought against it, and die.

[-] henfredemars@infosec.pub 7 points 8 months ago

Would you say it's kind of like privacy controls on Facebook?

I.e: We're happy to help you manage your privacy, as long as you're not limiting our access to your data.

[-] squaresinger@feddit.de 17 points 8 months ago

Whenever a company claims "Your privacy is a priority", they just left out the word "Violating" at the beginning of the statement.

[-] Knusper@feddit.de 13 points 8 months ago

Some years ago, when Google introduced the permission system with Android Marshmallow, I watched this developer conference presentation. At the end of it, a visitor asked whether there's also a permission to prevent internet access.

The Google guy who had presented it, responded that there was not, because with the other permissions in place, no app would have access to data that shouldn't be on the internet.

I'd wager every single person in that room was techy enough to know that this was complete horseshit, including the presenter, but that did not stop him from pressing it out his grinning teeth.

To this day, when you install a third-party keyboard app, you either trust it with all your passwords and everything you type + internet access, or you don't use one, even though 99% of third-party keyboards don't need internet.
Similarly, you could allow camera apps etc. to not need to ask for permission, if they don't use the internet, thereby reducing user fatigue.

Instead, Google decided to compromise security of the Android platform, I imagine, because they want apps to ship with (their) ads and trackers.

[-] henfredemars@infosec.pub 8 points 8 months ago

This is really insightful. I've always questioned the lack of an Internet permission. Keyboard applications are a really good example of apps that don't need internet access.

But without internet, no telemetry, no advertising. I think that's a compromise Google cannot make.

Internet access should absolutely be a user controlled permission.

[-] skuzz@discuss.tchncs.de 3 points 8 months ago* (last edited 8 months ago)

While not disagreeing with you, Android does have an Internet permission in the manifest. For an application to use network access, it must define both:

uses-permission android:name="android.permission.INTERNET"
uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"

Sauce: https://developer.android.com/develop/connectivity/network-ops/connecting

So if a keyboard is open source, one could quickly validate if the keyboard app actually is requesting to have Internet access or not, and one could choose a keyboard based on it not using these permissions.

(Edit: Formatting.)

[-] Knusper@feddit.de 6 points 8 months ago

Yeah, I was actually aware of that, while writing the above. The AndroidManifest.xml is zipped into the APK-file, so even for closed-source apps, you should be able to check it.

Problem is, of course, that it doesn't help less techy folks, but also that you can't prevent app updates from suddenly adding internet access.

And that you can't take it away from apps that do claim to need it. At some point, I had some sort of root/XPosed/whatever setup, where I could take this permission away from apps, but because this was a thing that couldn't happen normally, they all just flopped over sideways, saying things like "Please connect to WiFi 🥺".

[-] skuzz@discuss.tchncs.de 4 points 8 months ago* (last edited 8 months ago)

Good callout that it could be sneaked in later without alert. I hadn't considered that perspective. Another reason to be always wary of app updates and the auto-update model.

[-] k0mprssd@lemm.ee 10 points 8 months ago

(on pixels at least) if you go into your google settings from the settings app, manage your google account, data and privacy, web and app activity, google is tracking literally EVERYTHING you do on your phone if you have this on. this was the most egregious invasions of privacy I've ever seen, baked into android and hidden away for users to disable, and it's even harder to disable if you dont have a pixel. google does not give a fuck about "privacy" on android, they could start by just tearing all that stuff out but thats how the money is made so we're left with alternatives like grapheneos.

[-] comrade_pibb@hexbear.net 4 points 8 months ago

They ostensibly care about privacy between you and third parties. It makes the data Google collects about you more valuable

[-] Jailbrick3d@lemmy.world 8 points 8 months ago

Google claims that privacy is a priority

lmfao

You can somewhat protect your own privacy via VPNs, adblockers... I personally use TrackerControl, which for the most part can identify and block unnecessary trackers and URL connections on an app-by-app basis to better protect your privacy

[-] petrescatraian@libranet.de 6 points 8 months ago

@henfredemars I think Android is doing enough to keep my data safe. Google on the other hand...

So yea, if you really care about privacy, disable every Google service that you can (without affecting the normal functioning of your device) and use F-Droid to install all your apps. Also, use open source alternatives wherever possible.

[-] mojo@lemm.ee 5 points 8 months ago

If any tracking or advertisment is ever opt out rather then opt in, then no.

[-] hottari@lemmy.ml 2 points 8 months ago

I don't know about privacy but Android's security is good enough. If really care about privacy anyway, you should be using microG or GrapheneOS where Google's spying is limited on the device.

[-] Knusper@feddit.de 2 points 8 months ago

Privacy is one discipline of security...

[-] ReversalHatchery@beehaw.org 2 points 8 months ago

Neither microg or grapheneos solves all problems. I don't think the question here is mainly about google's tracking components, I think it is instead about system design to avoid leaking data.

That being said, as far as I know accelerometer and compass is still available to apps in an unrestricted manner even in the background, similarly with the speaker through which apps are still allowed to produce sounds that your can't hear, but tracking systems in the mall or even in smart devices at home listen to it.
The same can really be said about any other sensor with the exception of the mic and the cams because of permissions, but the impact of permissions really get nullified when your smartphone comes from the factory with 3 facebook apps installed, where 2 of them is an unremovable system app with all permissions granted. You still can't limit whether an app should have access to devices on the LAN when connected to WiFi, which means your phone (through a malicious app) can act as a gateway for tracking data if let's say you have blocked your smart tv from internet access (either directly, or by just the facebook app scraping all information of all devices on your network, that may also include data in how you use it (screen on time hours), or collected data that was expected accidentally or not).

There are several other points here too that I haven't mentioned.

[-] hottari@lemmy.ml 1 points 8 months ago

MicroG & GrapheneOS projects specialize in blocking non-essential tracking related connections to Google. They are effective at that too.

accelerometer and compass is still available to apps in an unrestricted manner even in the background, similarly with the speaker through which apps are still allowed to produce sounds that your can’t hear, but tracking systems in the mall or even in smart devices at home listen to it

Doesn't sound like an Android problem as any device with a speaker can be abused if I understand what you are saying.

Can't speak for compass & accelerometer permissions but how do you expect auto-rotation to work in apps?

Do you really expect people to push a consent toggle every time they visit pornhub.com. Be serious.

I think you are overthinking this. The concern here should be can Google or any other party exfiltrate this offline data and if so, what can you do to stop it?

Popping up a Wireshark equivalent and monitoring the chatter on your device is a good place to start. Otherwise you would be making cases for where there is no argument to be made.

[-] ReversalHatchery@beehaw.org 1 points 8 months ago

Can't speak for compass & accelerometer permissions but how do you expect auto-rotation to work in apps?

Part of auto-rotation has always been happening in the system.
It's not the apps detecting when they need to rotate, but the system tells them about it.
Apps don't need access to precise sensor data.

Do you really expect people to push a consent toggle every time they visit pornhub.com. Be serious.

  1. Where did I say this?
  2. Did you hear about remembering permissions?

I think you are overthinking this.

I am really not. You may have said that 40 years ago and it would be fine, but nowadays it's not just scientists running professional software on their computers that's virtually granted to not do anything wrong, we all run apps that we don't completely trust, because it's not possible.
If that wouldn't be the case, we wouldn't have permission toggles for microphone and network access.

The concern here should be can Google or any other party exfiltrate this offline data and if so, what can you do to stop it?

Oh, they can, and you will see it if you read my previous comment in whole.

Popping up a Wireshark equivalent and monitoring the chatter on your device is a good place to start. Otherwise you would be making cases for where there is no argument to be made.

If it doesn't happen today, that does not mean it won't ever.
Also, apps can detect if a VPN is active (which is required for capturing packets in a way that allows you to see the source app) and change their behavior. And then I doubt that you can capture broadcast messages that way, because why would that be routed through a VPN? (even when not a real one)

[-] hottari@lemmy.ml 1 points 8 months ago

You have a lot of theory but unfortunately proof is needed for the paranoid claims you insist on making.

Am wary of the potential of developers abusing Android permissions in their apps and doing unwanted things on our devices. As a privacy enthusiast I try to limit the number of app installs to essential need only.

But Google Play store have a review process for vetting apps and Android in general has a strong sandbox for apps.

[-] ReversalHatchery@beehaw.org 1 points 8 months ago

About tracking with smart devices and inaudible sounds: https://www.cityfreqs.com.au/pilfer.php
About tracking the accelerometer, gyroscope data: https://www.reddit.com/r/StallmanWasRight/comments/13u78hn/researchers_found_that_inconspicuous_smartphone/ (another discussion on the same source)
About cooperated tracking between your devices on your home network: I think you can see it yourself if you have worked with a computer network, as really it's just about untrusted computers being able to communicate.

Am wary of the potential of developers abusing Android permissions in their apps and doing unwanted things on our devices.

They don't need to abuse permissions, because, as I said, a lot of things are unfortunately not gated by permissions.

[-] hottari@lemmy.ml 1 points 8 months ago

You're gonna need better sources if you are going to convince anyone that phones are listening to you with mic permission disabled.

That said, I think you know what to do if you are getting your news from the RMS sub. None of these privacy violations, if they exist, would happen to you if you used a Linux phone.

[-] ReversalHatchery@beehaw.org 1 points 7 months ago* (last edited 7 months ago)

By the way, it seems there are companies who claim to do this: https://lemm.ee/post/14867323

Honestly, I'm not shocked at all. Smart TVs don't usually gate microphone access behind a permission, and even on smartphones, it's very plausible to me that most people just allow any and all permission popup mindlessly.

Yes, I'm not one of those. But my environment is filled with people who don't care about tech and privacy at all, and with their behavior they compromise my privacy too.

[-] ReversalHatchery@beehaw.org 1 points 7 months ago* (last edited 7 months ago)

You're gonna need better sources if you are going to convince anyone that phones are listening to you with mic permission disabled.

I don't remember saying that. Can you point to where have I said that?

I have mentioned microphone tracking because even when put behind a permission, it is still a concern for apps for which you have allowed microphone access for some reason, often because you didn't really have a choice.

There are many other problems other than that, though, that I have mentioned but you didn't address.

That said, I think you know what to do if you are getting your news from the RMS sub. None of these privacy violations, if they exist, would happen to you if you used a Linux phone.

Yeah probably, but this is an Android community, not a Linux one, and OP has had a question on the topic

[-] jet@hackertalks.com 1 points 8 months ago

Any system that creates an advertisement tracking ID for you, is not created for your privacy

this post was submitted on 29 Oct 2023
46 points (92.6% liked)

Android

16887 readers
85 users here now

The new home of /r/Android on Lemmy and the Fediverse!

Android news, reviews, tips, and discussions about rooting, tutorials, and apps.

🔗Universal Link: !android@lemdro.id

💡Content Philosophy:

Content which benefits the community (news, rumours, and discussions) is generally allowed and is valued over content which benefits only the individual (technical questions, help buying/selling, rants, self-promotion, etc.) which will be removed if it's in violation of the rules.

Support, technical, or app related questions belong in: !askandroid@lemdro.id

For fresh communities, lemmy apps, and instance updates: !lemdroid@lemdro.id

💬Matrix Chat

💬Telegram channels / chats

📰Our communities below

Rules

  1. Stay on topic: All posts should be related to the Android OS or ecosystem.

  2. No support questions, recommendation requests, rants, or bug reports: Posts must benefit the community rather than the individual. Please post to !askandroid@lemdro.id.

  3. Describe images/videos, no memes: Please include a text description when sharing images or videos. Post memes to !androidmemes@lemdro.id.

  4. No self-promotion spam: Active community members can post their apps if they answer any questions in the comments. Please do not post links to your own website, YouTube, blog content, or communities.

  5. No reposts or rehosted content: Share only the original source of an article, unless it's not available in English or requires logging in (like Twitter). Avoid reposting the same topic from other sources.

  6. No editorializing titles: You can add the author or website's name if helpful, but keep article titles unchanged.

  7. No piracy or unverified APKs: Do not share links or direct people to pirated content or unverified APKs, which may contain malicious code.

  8. No unauthorized polls, bots, or giveaways: Do not create polls, use bots, or organize giveaways without first contacting mods for approval.

  9. No offensive or low-effort content: Don't post offensive or unhelpful content. Keep it civil and friendly!

  10. No affiliate links: Posting affiliate links is not allowed.

Quick Links

Our Communities

Lemmy App List

Chat and More

founded 1 year ago
MODERATORS
ijeff@lemdro.id
ladfrombrad@lemdro.id
Paradox@lemdro.id
multimoon@lemdro.id
inspector@gadgetro.id
mikestevens@lemdro.id
Devgard@lemmy.world
limerod@reddthat.com