Google’s ‘Secret’ Update Scans All Your Photos
-
Per one tech forum this week
Stop spreading misinformation.
graphene folks have a real love for the word misinformation. That's not you under there
, Daniel, is it? -
To quote the most salient post
The app doesn't provide client-side scanning used to report things to Google or anyone else. It provides on-device machine learning models usable by applications to classify content as being spam, scams, malware, etc. This allows apps to check content locally without sharing it with a service and mark it with warnings for users.
Which is a sorely needed feature to tackle problems like SMS scams
Why do you need machine learning for detecting scams?
Is someone in 2025 trying to help you out of the goodness of their heart? No. Move on.
-
I mean the grapheneos devs say it is. Are they going to lie.
Yes, absolutely, and regularly, and without shame.
But not usually about technical stuff.
-
The countdown to Android's slow and painful death is already ticking for a while.
It has become over-engineered and no longer appealing from a developer's viewpoint.
I still write code for Android because my customers need it - will be needing for a while - but I've stopped writng code for Apple's i-things and I research alternatives for Android. Rolling my own environment with FOSS components on top of Raspbian looks feasible already. On robots and automation, I already use it.
What's over engineered about it?
-
Why are you linking to a known Nazi website?
Because that's where I got the info from first? Grow up
-
....this link is about Safety core. Which weather app?
There's another one mentioned in the comments
-
Google is always 100% lying.
There are too many instances to list and I'm not spending 5 hours collecting examples for you.
They removed don't be evil long time agoMaybe you should given your closing sentence is incorrect and just bolsters the fact we shouldn't blindly take everything we see at face value
-
Why do you need machine learning for detecting scams?
Is someone in 2025 trying to help you out of the goodness of their heart? No. Move on.
If you want to talk money then it is in businesses best interest that money from their users is being used on their products, not being scammed through the use of their products.
Secondly machine learning or algorithms can detect patterns in ways a human can't. In some circles I've read that the programmers themselves can't decipher in the code how the end result is spat out, just that the inputs will guide it. Besides the fact that scammers can circumvent any carefully laid down antispam, antiscam, anti-virus through traditional software, a learning algorithm will be magnitudes harder to bypass. Or easier. Depends on the algorithm
-
if the cellular carriers were forced to verify that caller-ID (or SMS equivalent) was accurate SMS scams would disappear (or at least be weaker). Google shouldn't have to do the job of the carriers, and if they wanted to implement this anyway they should let the user choose what service they want to perform the task similar to how they let the user choose which "Android system WebView" should be used.
Carriers don't care. They are selling you data. They don't care how it's used. Google is selling you a phone. Apple held down the market for a long time for being the phone that has some of the best security. As an android user that makes me want to switch phones. Not carriers.
-
The fact that Google refused to restore his account even after the police that they called said there was no child porn pisses me off to no end. They are officially allowed to close your account for no reason other than they don't like you.
not only refused to restore the account, but still insisted he was a pedophile producing child pornography despite the cops and doctors and every other authority involved insisting he wasnt, and that the images were medically necessary, and refuse to even give/let him get a backup of all his family pictures, emails, etc.
-
No, antivirus software only looks for matches with known malware and exploits.
So, kinda like a free malware software that just scans without doing anything to solve the problem
-
If you want to talk money then it is in businesses best interest that money from their users is being used on their products, not being scammed through the use of their products.
Secondly machine learning or algorithms can detect patterns in ways a human can't. In some circles I've read that the programmers themselves can't decipher in the code how the end result is spat out, just that the inputs will guide it. Besides the fact that scammers can circumvent any carefully laid down antispam, antiscam, anti-virus through traditional software, a learning algorithm will be magnitudes harder to bypass. Or easier. Depends on the algorithm
I don't know the point of the first paragraph...scams are bad? Yes? Does anyone not agree? (I guess scammers)
For the second we are talking in the wild abstract, so I feel comfortable pointing out that every automated system humanity has come up with so far has pulled in our own biases and since ai models are trained by us, this should be no different. Second, if the models are fallible, you cannot talk about success without talking false positives. I don't care if it blocks every scammer out there if it also blocks a message from my doctor. Until we have data on consensus between these new algorithms and desired outcomes, it's pointless to claim they are better at X.
-
Yeah so here's the next problem - downscaling attacks exists against those algorithms too.
And you’ll again inconvenience a human slightly as they look at a pixelated copy of a picture of a cat or some noise.
No cops are called, no accounts closed
-
Wouldn’t it be a given that I don’t have an android phone?
That's what you don't use, which wasn't what they asked, right?
-
And what exactly does that have to do with GrapheneOS?
Have you even read the article you posted? It mentions these posts by GrapheneOS
-
More information:
It's been rolling out to Android 9+ users since November 2024 as a high priority update. Some users are reporting it installs when on battery and off wifi, unlike most apps.App description on Play store:
SafetyCore is a Google system service for Android 9+ devices. It provides the underlying technology for features like the upcoming Sensitive Content Warnings feature in Google Messages that helps users protect themselves when receiving potentially unwanted content. While SafetyCore started rolling out last year, the Sensitive Content Warnings feature in Google Messages is a separate, optional feature and will begin its gradual rollout in 2025. The processing for the Sensitive Content Warnings feature is done on-device and all of the images or specific results and warnings are private to the user.Description by google
Sensitive Content Warnings is an optional feature that blurs images that may contain nudity before viewing, and then prompts with a “speed bump” that contains help-finding resources and options, including to view the content. When the feature is enabled, and an image that may contain nudity is about to be sent or forwarded, it also provides a speed bump to remind users of the risks of sending nude imagery and preventing accidental shares. - https://9to5google.com/android-safetycore-app-what-is-it/So looks like something that sends pictures from your messages (at least initially) to Google for an AI to check whether they're "sensitive". The app is 44mb, so too small to contain a useful ai and I don't think this could happen on-phone, so it must require sending your on-phone data to Google?
I guess the app then downloads the required models
-
Per one tech forum this week: “Google has quietly installed an app on all Android devices called ‘Android System SafetyCore’. It claims to be a ‘security’ application, but whilst running in the background, it collects call logs, contacts, location, your microphone, and much more making this application ‘spyware’ and a HUGE privacy concern. It is strongly advised to uninstall this program if you can. To do this, navigate to 'Settings’ > 'Apps’, then delete the application.”
True or not, one can avoid the whole issue by using your phone as a phone, maybe to send texts, with location, mike, and camera switched off permanently, and all the other apps deleted or disabled. Sure, Google will still know you called your SO daily and your Mom once a week (NOT ENOUGH!), and that you were supposed to pick up the dry cleaning last night (did you?). Meh. If that's what floats the Surveillance Society's boat, I am not too worried.
-
You can't search for it. You have to open a direct link.
https://play.google.com/store/apps/details?id=com.google.android.safetycore
did they make it so after people started removing it?
-
And you’ll again inconvenience a human slightly as they look at a pixelated copy of a picture of a cat or some noise.
No cops are called, no accounts closed
The scaling attack specifically can make a photo sent to you look innocent to you and malicious to the reviewer, see the link above
-
Per one tech forum this week: “Google has quietly installed an app on all Android devices called ‘Android System SafetyCore’. It claims to be a ‘security’ application, but whilst running in the background, it collects call logs, contacts, location, your microphone, and much more making this application ‘spyware’ and a HUGE privacy concern. It is strongly advised to uninstall this program if you can. To do this, navigate to 'Settings’ > 'Apps’, then delete the application.”
Google says that SafetyCore “provides on-device infrastructure for securely and privately performing classification to help users detect unwanted content
Cheers Google but I'm a capable adult, and able to do this myself.
