this post was submitted on 03 Oct 2024
212 points (98.6% liked)

DeGoogle Yourself

8696 readers
3 users here now

A community for those that would like to get away from Google.

Here you may post anything related to DeGoogling, why we should do it or good software alternatives!

Rules

  1. Be respectful even in disagreement

  2. No advertising unless it is very relevent and justified. Do not do this excessively.

  3. No low value posts / memes. We or you need to learn, or discuss something.

Related communities

!privacyguides@lemmy.one !privacy@lemmy.ml !privatelife@lemmy.ml !linuxphones@lemmy.ml !fossdroid@social.fossware.space !fdroid@lemmy.ml

founded 4 years ago
MODERATORS
CrypticCoffee@lemm.ee
CrypticCoffee@lemmy.ml
Byereddithellolemmy@lemmy.world
chevy9294@monero.town
212
Who owns your shiny new Pixel 9 phone? You can’t say no to Google’s surveillance (cybernews.com)
submitted 2 weeks ago by gytrash@feddit.uk to c/degoogle@lemmy.ml
111 comments fedilink hide all child comments
 

Google's latest flagship smartphone raises concerns about user privacy and security. It frequently transmits private user data to the tech giant before any app is installed. Moreover, the Cybernews research team has discovered that it potentially has remote management capabilities without user awareness or approval.

Cybernews researchers analyzed the new Pixel 9 Pro XL smartphone’s web traffic, focusing on what a new smartphone sends to Google.

“Every 15 minutes, Google Pixel 9 Pro XL sends a data packet to Google. The device shares location, email address, phone number, network status, and other telemetry. Even more concerning, the phone periodically attempts to download and run new code, potentially opening up security risks,” said Aras Nazarovas, a security researcher at Cybernews...

... “The amount of data transmitted and the potential for remote management casts doubt on who truly owns the device. Users may have paid for it, but the deep integration of surveillance systems in the ecosystem may leave users vulnerable to privacy violations,” Nazarovas said...

you are viewing a single comment's thread
view the rest of the comments
[–] ExtremeDullard@lemmy.sdf.org 46 points 2 weeks ago* (last edited 2 weeks ago) (24 children)

Who truly owns the device is a question that has been answered ever since Android came into being.

Ask yourself: do you have root access to YOUR phone? No you don't: Google does.

It's the so-called "Android security model", which posits that the users are too dumb to take care of themselves, so Google unilaterally decides to administer their phone on their behalf without asking permission.

Which of course has nothing to do with saving the users from their own supposed stupidity and everything to do with controlling other people's private property to exfiltrate and monetize their data.

How this is even legal has been beyond me for 15 years.

[–] circuscritic@lemmy.ca 29 points 2 weeks ago* (last edited 2 weeks ago) (5 children)

Please read the many write-ups by developers of well regarded privacy and security ROMs, such as grapheneOS and divestOS.

Who detail in great length why root access is a bad idea, and why many apps that require root access, are just poorly developed security nightmares.

That said, I agree that it should be an option, or at least a standardized means of enabling it. As well as all bootloaders should be unlockable. But phones are more personal devices than the PC ever was, and there are good reasons NOT to push for the proliferation of standardized root access.

[–] Psyhackological@lemmy.ml 4 points 2 weeks ago (1 children)

I have GrapheneOS and I know having root is not ideal and I was wondering about https://shizuku.rikka.app/ It looks like a more elegant way to have for some apps higher privileges while preserving security but I'm not sure about it so I'm thinking out loud

[–] circuscritic@lemmy.ca 4 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

I will admit that I also use Shizuku, but I only enable it for short bursts when I need access for a very select number of precise use cases. Immediately afterwards, I reboot.

I also assume that if I spent any amount of time digging into it, I would realize it's a bad idea, but nothing's perfect.

And don't assume that all apps allowing Shizuku access were developed securely, or that there all developers have good intentions. Really I only use it for Swift, or if I'm really behind on my updates, I'll briefly allow Droidify access for hands off updating.

[–] Psyhackological@lemmy.ml 1 points 2 weeks ago

Is rebooting disables Shizuku?

How do you do these short bursts? Through adb?

And still Shizuku seems like a better idea than rooting the smartphone.

load more comments (3 replies)
load more comments (21 replies)