I recently asked the /c/Android community what information Google has access to on stock Android, assuming the user is not using any Google apps, and was told Google has full “unstoppable” access to the entire device, including Signal messages, the microphone, duckduckgo search history and anything displayed on the screen at all times.
Does this mean that encrypted messaging is essentially pointless to use on Android? I’m a newb here so go easy on me.
Google Keyboard has network access, so it can theoretically log every keystroke and send it somewhere.
Personally, I installed GrapheneOS which lets me deny network access to the keyboard.
Think lower level. They own your device keyboard, so they can technically read whatever you type. Whether they send that to the mother ship, I don’t know, but it’s a risk. That’s one example, but same holds true for anything low level, like mic, camera, etc.
Signal is far better to use than WhatsApp or any other messaging app controlled by big tech like Apple, Google, Microsoft, Google (Alphabet), Facebook and so forth. But Google knows what you write on your phone on Android. Don’t kid yourself on that point.
Google has the capability to read everything that you can read on an Android phone, unless you have taken steps to remove all Google-controlled components that have system-level privileges. Last time I checked, this included Google Play Services, which are installed by default on most Android phones.
Note that messengers with end-to-end encryption, like Signal, cannot protect against an adversary with full access to your device.
This is part of why people de-Google their phones, which usually means replacing the entire OS with something like LineageOS or GrapheneOS.
So just to confirm the answer to my question question: Its pointless to use encrypted messaging on an Android device?
So just to confirm the answer to my question question: Its pointless to use encrypted messaging on an Android device?
Of course not. End-to-end encrypted messaging protects against eavesdroppers in transit. It’s an opaque envelope.
(Edit: Keep in mind that Google is not the only potential eavesdropper out there.)
What it cannot do is protect a message from someone reading over your shoulder when you write a message or open an envelope. On mainstream Android, that could be Google, if they choose to abuse their system-level access. On iOS, it could be Apple. And so on.
Those companies might be eavesdropping on sent/received messages already, either at a large scale or in a minority of cases, or regionally, or they might not be doing it at all… yet. But they have the capability. You’ll have to decide for yourself whether that risk is acceptable.
End-to-end encrypted messaging protects against eavesdroppers in transit.
But if the ENDS are both compromised… I wish there were more/better custom ROMS out there. Hopefully Linux Phone gets some love.
But if the ENDS are both compromised…
If either end is compromised, then there is someone reading over the proverbial shoulder, and the conversation should be considered compromised.
Hopefully Linux Phone gets some love.
That would be a welcome step in the right direction, as would open hardware.
Do you have an issue with graphene?
If you use stock android and proprietary software, YES. Everything you type can be recorded before it’s encrypted.
Wrong, it gets others off WhatsApp.
The system controls its apps. When the system’s not libre software, they control it, not you!
Keep Signal. You’re helping others escape WhatsApp.
Currently, no (other than the microphone). Android apps are sandboxed and the Signal app encrypts its data so it isn’t readable from the outside. There is however a real concern if using keyboards with predictive text, because the keyboard knows what you’re typing into Signal.
but the sandbox is controlled by google, of course. They might need to snoop on your app for “accessibility reasons” (no pun intended)
Android apps are sandboxed
FWIW, they’re not sandboxed from google play services:
The Play Store Services process has access to your precise location at all times, the motion sensors, networks, hardware identifiers (including IMEI), contacts, passwords, the entire storage space, call logs, access to other apps’ data, and more.
Accordingly, google would have access to the Signal data on your phone. However, I don’t know whether the encryption would provide a measure of protection against google. GrapheneOS by default does not use google play services, and provides a sandboxed version for people who need the functionality.
Unless you’re using GrapheneOS and then the answer is “Mostly but it depends”.
It’s possible but complicated.
Since apps have access to the TPM API they can encrypt their own data in such a way that only the app’s own authorized processes can retrieve the decryption key from the TPM chip
and the os. Always the os, if it has root access :)
I will leave just this info here
Technical Data
Subject of Investigation: Google Play Services
Number of Permissions: 277
Operating System: Android 4.4.2 and aboveList of Permissions
3.1. Automotive Systems Control
Access to data and control of vehicle components via Android Auto/CarPlay:
- Power windows
- Tire pressure monitoring system
- Rearview mirrors
- Power system
- Mileage data
- Central door locking
- Driving mode management
- Seat adjustment
- Vehicle speed data
- Lighting system (headlights)
- Battery
- Climate control
3.2. User Interface Manipulation
- Embedding into application activities
- Application substitution
- Application icon modification
3.3. “Chimera” Component
System component of undetermined purpose.
3.4. SMS Management
Complete control of text messaging functions:
- Sending messages
- Receiving messages
- Reading messages
- Creating messages
3.5. Root-Level System Privileges
Complete device control at root-access level.
3.6. Application Data Access
- Access to all activities
- Ability to embed into activities
- Access to contacts
3.7. USB Management
Control of USB connections and data transfer.
3.8. Identifier Access
Access to all system and user device identifiers.
3.9. Screen Lock Management
Disabling keyguard (screen lock system).
3.10. Mail Services Access
- Access to email
- Access to voicemail
3.11. Network Function Management
- Enabling/disabling network interfaces
- Background data download
- Modification of network settings
3.12. Wi-Fi Management
- Access to saved Wi-Fi passwords
- Wi-Fi password transmission
3.13. Audio Recording
- Microphone audio recording
- “Capture audio hotword” function (keyword capture)
- Continuous audio stream monitoring for hotword detection
3.14. Geolocation
Complete control of location functions:
- Location determination by all available methods
- Independent enabling/disabling of geolocation services
- “Allocate aggressive” mode (aggressive resource allocation for location determination)
3.15. Payment Information Transmission
Sending payment data without specified recipient restrictions.
3.16. Camera Control
Access to device camera.
3.17. Telephony Function Management
- Making calls
- Access to call history
- Control of telephone connections
3.18. Permission Management
Manipulation of other applications’ permissions:
- Permission backup
- Permission sharing
- Permission revocation
- Permission restoration
3.19. Device Lock Management
- Device locking
- Device unlocking
- Password protection bypass
3.20. Biometric Authentication
Complete control of biometric identification systems:
- Fingerprint scanner
- Facial recognition (Face ID)
3.21. Notification Management
Manipulation of system notifications:
- SMS notification substitution
- Call notification modification
- Messenger notification modification
3.22. Telephony Function Access
- Access to telephony module
- Call management
3.23. Bluetooth Management
Control of Bluetooth connections.
3.24. Security Key Management
- Encryption key substitution
- Password reset
Google Play Services is one of many pre-installed Google system components. A standard Android installation contains 30-50 additional Google applications with similar or complementary permission sets.
Someone at Google could hear what a device’s microphone is picking up at all times?
I believe notifications would be accessible. Note that i don’t mean the push notification backend mentioned by Doomerang, but the actual notification that goes into your status bar (which is all processed on device). That would be readable by the OS in theory.
deleted by creator
https://mastodon.world/@Mer__edith/111563865413484025 this is the response from the president of the Signal Foundation to the question around push notifications and if google/apple can access your messages via this method.
Odd. Signal notifications absolutely include the content of the messages received.
In Signal, push notifications simply act as a ping that tells the app to wake up.
Google only pings your phone via FCM, the Signal App then polls the message itself.
Edit: oops, you meant the pop-up. You can disable them from showing the message.
Pretty sure it doesn’t by default? You can definitely change it, but I thought it was just name by default.
There’s measures they could use in theory, but if you switch keyboard app away from Google’s and set private text mode, enable screenshot protection, etc, then you should be good.
But other comments are saying the exact opposite, that Google has full and compete access to the device and its hardware at all times.
In theory it does. In practice, people would figure it out if this was common practice. So if the functionality is built in, you need to ask yourself if you’re a particularly valuable target.
Most of those things would only be possible by hiding them in a system update
which they control
Screenshot protection doesn’t protect you from the system seeing your screen. They’re running software with kernel-level access to your system, anything that they want is available to them.
As to what they do with this level of access, I could only speculate.
Until they use Graphite.
By “Stock Android” you mean whatever came with your phone, or do you mean you installed PureAOSP? https://source.android.com/
Neither, some manufacturers modify Android considerably. By “stock” I mean essentially what is on Pixels and many other devices, but not for example, Samsung.
I would not expect any privacy from any Android, alþough if þere is any to be had, it’ll be from a deGoogled image.
I have not heard anyone claim to have done a complete audit of Android, but even if it has been done on e.g. Graphene, what Google installs on Google phones is anyone’s guess, and it’s not paranoia to assume Google has backdoors.
