Google’s ‘Secret’ Update Scans All Your Photos
-
And you’ll again inconvenience a human slightly as they look at a pixelated copy of a picture of a cat or some noise.
No cops are called, no accounts closed
The scaling attack specifically can make a photo sent to you look innocent to you and malicious to the reviewer, see the link above
-
Per one tech forum this week: “Google has quietly installed an app on all Android devices called ‘Android System SafetyCore’. It claims to be a ‘security’ application, but whilst running in the background, it collects call logs, contacts, location, your microphone, and much more making this application ‘spyware’ and a HUGE privacy concern. It is strongly advised to uninstall this program if you can. To do this, navigate to 'Settings’ > 'Apps’, then delete the application.”
Google says that SafetyCore “provides on-device infrastructure for securely and privately performing classification to help users detect unwanted content
Cheers Google but I'm a capable adult, and able to do this myself.
-
did they make it so after people started removing it?
Nah, for system stuff that updates via Google Play, it's always been like that. Like Android System Webview for example, if you search Google Play for it you only see the Beta and Developer versions of it. You need a direct link to see the default one included with modern Android.
https://play.google.com/store/apps/details?id=com.google.android.webview
-
Do we have any proof of it doing anything bad?
Taking Google's description of what it is it seems like a good thing. Of course we should absolutely assume Google is lying and it actually does something nefarious, but we should get some proof before picking up the pitchforks.
Whether the people at Google who did this knows they are evil or thinks they are not evil doesn't really even matter. Having a phone app that automatically scans all your photos should scare the shit out of you. At the very least it wastes your battery and slows down your phone.
-
True or not, one can avoid the whole issue by using your phone as a phone, maybe to send texts, with location, mike, and camera switched off permanently, and all the other apps deleted or disabled. Sure, Google will still know you called your SO daily and your Mom once a week (NOT ENOUGH!), and that you were supposed to pick up the dry cleaning last night (did you?). Meh. If that's what floats the Surveillance Society's boat, I am not too worried.
People can go further than that and install a ROM for their phone that doesn't have any Google apps on it. People can even use applications that normally require Google Play Services by using microG, which spoofs things. You can also root your phone with Magisk and use apps to block anything leaking anything else.
-
To quote the most salient post
The app doesn't provide client-side scanning used to report things to Google or anyone else. It provides on-device machine learning models usable by applications to classify content as being spam, scams, malware, etc. This allows apps to check content locally without sharing it with a service and mark it with warnings for users.
Which is a sorely needed feature to tackle problems like SMS scams
You don't need advanced scanning technology running on every device with access to every single bit of data you ever seen to detect scam. You need telco operator to stop forwarding forged messages headers and… that's it. Cheap, efficient, zero risk related to invasion of privacy through a piece of software you did not need but was put there "for your own good".
-
Whether the people at Google who did this knows they are evil or thinks they are not evil doesn't really even matter. Having a phone app that automatically scans all your photos should scare the shit out of you. At the very least it wastes your battery and slows down your phone.
If it provided a feature to automatically block incoming dick pics, which Google claims it's for, was fully local, and only scanned incoming messages, not my own gallery, which is what Google claims, I would likely find it useful. There is nothing wrong with the idea in general.
At the very least it wastes your battery
Again, if it's an optional feature that you can choose to turn on or off, there is nothing wrong with that.
-
What's over engineered about it?
In my experience, the API has iteratively made it ever harder for applications to automatically perform previously easy jobs, and jobs which are trivial under ordinary Linux (e.g. become an access point, set the IP address, set the PSK, start a VPN connection, go into monitor / inject mode, access an USB device, write files to a directory of your choice, install an APK). Now there's a literal thicket of API calls and declarations to make, before you can do some of these things (and some are forever gone).
The obvious reason is that there are a billion fools whom Google tries to protect them from scamers.
But it kills the ability to do non-standard things, and the concept of your device being your own.
-
You don't need advanced scanning technology running on every device with access to every single bit of data you ever seen to detect scam. You need telco operator to stop forwarding forged messages headers and… that's it. Cheap, efficient, zero risk related to invasion of privacy through a piece of software you did not need but was put there "for your own good".
I will perhaps be nitpicking, but... not exactly, not always. People get their shit hacked all the time due to poor practices. And then those hacked things can send emails and texts and other spam all they want, and it'll not be forged headers, so you still need spam filtering.
-
Waydroid?
To be clear, I haven't used it at all and have no idea how well it works.
Tried it on my laptop. Doesn't work at all
-
Here's a link to it in PlayStore. It mentions some of the features it is a dependency for.
I saw that, that's what I meant by "it sounds like it has the capabilities to spy", something that can do all those things must have lots of access and could provide perfect cover for any number of undesirable processes.
-
In my experience, the API has iteratively made it ever harder for applications to automatically perform previously easy jobs, and jobs which are trivial under ordinary Linux (e.g. become an access point, set the IP address, set the PSK, start a VPN connection, go into monitor / inject mode, access an USB device, write files to a directory of your choice, install an APK). Now there's a literal thicket of API calls and declarations to make, before you can do some of these things (and some are forever gone).
The obvious reason is that there are a billion fools whom Google tries to protect them from scamers.
But it kills the ability to do non-standard things, and the concept of your device being your own.
I suppose that's all true, I'd say more "following apples lead on locking things down" than over engineered, but
.I find myself avoiding the whole root business, I do want my mobile device to be fairly locked down. But I also use alternative OSs and app stores to avoid 90% of the garbage (stuff I can't avoid I put in work profile, like I still need google maps).
It works for me, but on the front of this complexity driving away devs I don't really see a viable alternative. Base Linux isn't secure enough for what we put on these little computers. I mean you've still got tons of influential people arguing you shouldn't use secureboot or a tpm as if leaving your whole computer unsecured is better than the indignity of using a non-free bios.
-
There's an app called obtainium that let's you link the main page of github apps and manages both the download, the instalation and the updates of those apps.
Great if you want the latest software directly from the source.
Love me some Obtainium. Did my first PR this week (adding cross-device sync via SxncD)
-
Per one tech forum this week: “Google has quietly installed an app on all Android devices called ‘Android System SafetyCore’. It claims to be a ‘security’ application, but whilst running in the background, it collects call logs, contacts, location, your microphone, and much more making this application ‘spyware’ and a HUGE privacy concern. It is strongly advised to uninstall this program if you can. To do this, navigate to 'Settings’ > 'Apps’, then delete the application.”
I didn't see it anywhere on my phone but ill look into it more after work. Thanks for the heads up.
-
The app can be found here: https://play.google.com/store/apps/details?id=com.google.android.safetycore
The app reviews are a good read.
Apparently I'm a beta tester for it, don't recall signing up for beta tests with it
-
Why do you need machine learning for detecting scams?
Is someone in 2025 trying to help you out of the goodness of their heart? No. Move on.
Blaming the victim solves nothing.
Scamming is a rapidly growing industry that is becoming more professional and specialized all the time. Anyone can be scammed.
-
if the cellular carriers were forced to verify that caller-ID (or SMS equivalent) was accurate SMS scams would disappear (or at least be weaker). Google shouldn't have to do the job of the carriers, and if they wanted to implement this anyway they should let the user choose what service they want to perform the task similar to how they let the user choose which "Android system WebView" should be used.
No, that wouldn't make much difference. I don't think I've seen a real world attack via SMS that even bothered to "forge" the from-field. People are used to getting texts from unknown numbers.
And how would you possibly implement this supposed "caller-id" for a field that doesn't even have to be set to a number?
-
There's another one mentioned in the comments
....but Safetycore is the main point, and you linked about that again. How about you just...say the fucking name. Now. Here.
-
No, that wouldn't make much difference. I don't think I've seen a real world attack via SMS that even bothered to "forge" the from-field. People are used to getting texts from unknown numbers.
And how would you possibly implement this supposed "caller-id" for a field that doesn't even have to be set to a number?
caller id is the thing that tells you the number. it isn't cheap to forge, but it's the only way a scan could reasonably effect anyone with more than half a brain. there is never a reason to send information to an unknown SMS number, or click on a link from a text message from an unknown number.
-
I've got a Pixel 8 Pro and I'm currently using the stock OS. Anything in particular that you miss with Graphene OS?
I still use a stock pixel for work related and daily usage, but the alternatives I've found between F-Droid and Aurora store I've never felt lacking.
Maybe I'll finish the switch fully in the coming months.
