Google’s ‘Secret’ Update Scans All Your Photos
-
Yeah so here's the next problem - downscaling attacks exist against those algorithms too.
And you’ll again inconvenience a human slightly as they look at a pixelated copy of a picture of a cat or some noise.
No cops are called, no accounts closed
-
Wouldn’t it be a given that I don’t have an android phone?
That's what you don't use, which wasn't what they asked, right?
-
And what exactly does that have to do with GrapheneOS?
Have you even read the article you posted? It mentions these posts by GrapheneOS
-
More information:
It's been rolling out to Android 9+ users since November 2024 as a high priority update. Some users are reporting it installs when on battery and off wifi, unlike most apps.
App description on Play store:
SafetyCore is a Google system service for Android 9+ devices. It provides the underlying technology for features like the upcoming Sensitive Content Warnings feature in Google Messages that helps users protect themselves when receiving potentially unwanted content. While SafetyCore started rolling out last year, the Sensitive Content Warnings feature in Google Messages is a separate, optional feature and will begin its gradual rollout in 2025. The processing for the Sensitive Content Warnings feature is done on-device and all of the images or specific results and warnings are private to the user.
Description by google
Sensitive Content Warnings is an optional feature that blurs images that may contain nudity before viewing, and then prompts with a “speed bump” that contains help-finding resources and options, including to view the content. When the feature is enabled, and an image that may contain nudity is about to be sent or forwarded, it also provides a speed bump to remind users of the risks of sending nude imagery and preventing accidental shares. - https://9to5google.com/android-safetycore-app-what-is-it/
So looks like something that sends pictures from your messages (at least initially) to Google for an AI to check whether they're "sensitive". The app is 44mb, so too small to contain a useful ai and I don't think this could happen on-phone, so it must require sending your on-phone data to Google?
I guess the app then downloads the required models
-
Per one tech forum this week: “Google has quietly installed an app on all Android devices called ‘Android System SafetyCore’. It claims to be a ‘security’ application, but whilst running in the background, it collects call logs, contacts, location, your microphone, and much more making this application ‘spyware’ and a HUGE privacy concern. It is strongly advised to uninstall this program if you can. To do this, navigate to 'Settings’ > 'Apps’, then delete the application.”
True or not, one can avoid the whole issue by using your phone as a phone, maybe to send texts, with location, mike, and camera switched off permanently, and all the other apps deleted or disabled. Sure, Google will still know you called your SO daily and your Mom once a week (NOT ENOUGH!), and that you were supposed to pick up the dry cleaning last night (did you?). Meh. If that's what floats the Surveillance Society's boat, I am not too worried.
-
You can't search for it. You have to open a direct link.
https://play.google.com/store/apps/details?id=com.google.android.safetycore
did they make it so after people started removing it?
-
And you’ll again inconvenience a human slightly as they look at a pixelated copy of a picture of a cat or some noise.
No cops are called, no accounts closed
The scaling attack specifically can make a photo sent to you look innocent to you and malicious to the reviewer, see the link above
-
Per one tech forum this week: “Google has quietly installed an app on all Android devices called ‘Android System SafetyCore’. It claims to be a ‘security’ application, but whilst running in the background, it collects call logs, contacts, location, your microphone, and much more making this application ‘spyware’ and a HUGE privacy concern. It is strongly advised to uninstall this program if you can. To do this, navigate to 'Settings’ > 'Apps’, then delete the application.”
Google says that SafetyCore “provides on-device infrastructure for securely and privately performing classification to help users detect unwanted content
Cheers Google but I'm a capable adult, and able to do this myself.
-
did they make it so after people started removing it?
Nah, for system stuff that updates via Google Play, it's always been like that. Like Android System Webview for example, if you search Google Play for it you only see the Beta and Developer versions of it. You need a direct link to see the default one included with modern Android.
https://play.google.com/store/apps/details?id=com.google.android.webview
-
Do we have any proof of it doing anything bad?
Taking Google's description of what it is it seems like a good thing. Of course we should absolutely assume Google is lying and it actually does something nefarious, but we should get some proof before picking up the pitchforks.
Whether the people at Google who did this know they are evil or think they are not evil doesn't really even matter. Having a phone app that automatically scans all your photos should scare the shit out of you. At the very least it wastes your battery and slows down your phone.
-
True or not, one can avoid the whole issue by using your phone as a phone, maybe to send texts, with location, mike, and camera switched off permanently, and all the other apps deleted or disabled. Sure, Google will still know you called your SO daily and your Mom once a week (NOT ENOUGH!), and that you were supposed to pick up the dry cleaning last night (did you?). Meh. If that's what floats the Surveillance Society's boat, I am not too worried.
People can go further than that and install a ROM for their phone that doesn't have any Google apps on it. People can even use applications that normally require Google Play Services by using microG, which spoofs things. You can also root your phone with Magisk and use apps to block anything leaking anything else.
-
To quote the most salient post
The app doesn't provide client-side scanning used to report things to Google or anyone else. It provides on-device machine learning models usable by applications to classify content as being spam, scams, malware, etc. This allows apps to check content locally without sharing it with a service and mark it with warnings for users.
Which is a sorely needed feature to tackle problems like SMS scams
You don't need advanced scanning technology running on every device with access to every single bit of data you have ever seen to detect scams. You need telco operators to stop forwarding forged message headers and… that's it. Cheap, efficient, zero risk related to invasion of privacy through a piece of software you did not need but was put there "for your own good".
-
Whether the people at Google who did this know they are evil or think they are not evil doesn't really even matter. Having a phone app that automatically scans all your photos should scare the shit out of you. At the very least it wastes your battery and slows down your phone.
If it provided a feature to automatically block incoming dick pics, which Google claims it's for, was fully local, and only scanned incoming messages, not my own gallery, which is what Google claims, I would likely find it useful. There is nothing wrong with the idea in general.
At the very least it wastes your battery
Again, if it's an optional feature that you can choose to turn on or off, there is nothing wrong with that.
-
What's over engineered about it?
In my experience, the API has iteratively made it ever harder for applications to automatically perform previously easy jobs, and jobs which are trivial under ordinary Linux (e.g. become an access point, set the IP address, set the PSK, start a VPN connection, go into monitor / inject mode, access a USB device, write files to a directory of your choice, install an APK). Now there's a literal thicket of API calls and declarations to make, before you can do some of these things (and some are forever gone).
The obvious reason is that there are a billion fools whom Google tries to protect from scammers.
But it kills the ability to do non-standard things, and the concept of your device being your own.
-
You don't need advanced scanning technology running on every device with access to every single bit of data you have ever seen to detect scams. You need telco operators to stop forwarding forged message headers and… that's it. Cheap, efficient, zero risk related to invasion of privacy through a piece of software you did not need but was put there "for your own good".
I will perhaps be nitpicking, but... not exactly, not always. People get their shit hacked all the time due to poor practices. And then those hacked things can send emails and texts and other spam all they want, and it'll not be forged headers, so you still need spam filtering.
-
Waydroid?
To be clear, I haven't used it at all and have no idea how well it works.
Tried it on my laptop. Doesn't work at all
-
Here's a link to it in PlayStore. It mentions some of the features it is a dependency for.
I saw that, that's what I meant by "it sounds like it has the capabilities to spy", something that can do all those things must have lots of access and could provide perfect cover for any number of undesirable processes.
-
In my experience, the API has iteratively made it ever harder for applications to automatically perform previously easy jobs, and jobs which are trivial under ordinary Linux (e.g. become an access point, set the IP address, set the PSK, start a VPN connection, go into monitor / inject mode, access a USB device, write files to a directory of your choice, install an APK). Now there's a literal thicket of API calls and declarations to make, before you can do some of these things (and some are forever gone).
The obvious reason is that there are a billion fools whom Google tries to protect from scammers.
But it kills the ability to do non-standard things, and the concept of your device being your own.
I suppose that's all true, I'd say more "following Apple's lead on locking things down" than over engineered, but
.
I find myself avoiding the whole root business, I do want my mobile device to be fairly locked down. But I also use alternative OSs and app stores to avoid 90% of the garbage (stuff I can't avoid I put in work profile, like I still need google maps).
It works for me, but on the front of this complexity driving away devs I don't really see a viable alternative. Base Linux isn't secure enough for what we put on these little computers. I mean you've still got tons of influential people arguing you shouldn't use secureboot or a tpm as if leaving your whole computer unsecured is better than the indignity of using a non-free bios.
-
There's an app called Obtainium that lets you link the main page of GitHub apps and manages the download, the installation and the updates of those apps.
Great if you want the latest software directly from the source.
Love me some Obtainium. Did my first PR this week (adding cross-device sync via SxncD)
-
Per one tech forum this week: “Google has quietly installed an app on all Android devices called ‘Android System SafetyCore’. It claims to be a ‘security’ application, but whilst running in the background, it collects call logs, contacts, location, your microphone, and much more making this application ‘spyware’ and a HUGE privacy concern. It is strongly advised to uninstall this program if you can. To do this, navigate to 'Settings’ > 'Apps’, then delete the application.”
I didn't see it anywhere on my phone but I'll look into it more after work. Thanks for the heads up.