5

Ask HN: How much is Google collecting and keeping on Android if not signed in?

 3 years ago
source link: https://news.ycombinator.com/item?id=28419727
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client
Ask HN: How much is Google collecting and keeping on Android if not signed in? Ask HN: How much is Google collecting and keeping on Android if not signed in? 130 points by privacyisntdead 11 hours ago | hide | past | favorite | 37 comments From a privacy perspective, how much does not signing into a Google account help at device setup?

Thinking about picking up a 5a but CalyxOS isn’t ready for it yet.

If you install TrackerControl, no root needed (it pretends to be a VPN to capture your traffic, but is not a real VPN), you will see which apps try to talk to tracking services and thus also which ones talk to Google.

It also as a 'traffic log' feature which, when turned on, shows live which app is talking to which tracker.

Note that, especially if you turn on blocking services marked as essential in the setup, you will need to unblock a lot of CDNs and tracking services for many apps to work including Spotify, your browser, etc. Of course you can also just whitelist apps completely, or temporarily turn all blocking off altogether. But by default it will block trackers, since that's kind of its point. This has the side effect of blocking virtually all advertisements.

s.gif
Thanks for the recommendation.

If anyone else is interested, the app's website is https://trackercontrol.org

s.gif
I installed this and when I turn it on it stops all internet access to any app needing to access the internet. For example my podcast app immediately stops working.
Disclaimer: I work at Google. In cloud, not on Android.

I am privacy conscious so I though I would give a try at Graphene OS, it was brutal. It was overall stable and the stock android R was refreshing. The app selection available through F-droid was very limiting and the quality of apps was a struggle compared to those in the app store.

I wish there was some incentive for the better apps to open source and publish on F-droid. I donate to many apps on Patreon, should I just message to the devs and ask them to go open source and publish on f-droid?

s.gif
> I donate to many apps on Patreon, should I just message to the devs and ask them to go open source and publish on f-droid?

Definitely! In addition, offering your time to set up the F-Droid build pipeline would go a long way

s.gif
Gotta step in as a GrapheneOS User. You have multiple options.

The easiest and most approachable one is: install Aurora Store from F-Droid. It gives you access to Google Play + App Updates without logging you into Google. This almost feels identical to Google Play itself.

Next: think about install the Experimental GMS Support that GrapheneOS offers. If you e.g. absolutely need an App that has troubles working without Google SDKs embedded, this might be an option. This is documented in the Usage Guide of the Website.

https://grapheneos.org/usage

However, just dont forget that you wanted a Google-FREE Phone. So dont overdo installing proprietär stuff.

Oh and stay as far away from MicroG as possible, it seriouly cripples the security of GrapheneOS by a lot.

s.gif
> stay as far away from MicroG as possible, it seriouly cripples the security of GrapheneOS by a lot.

Do you mind sharing some details on this? I did not hear strong statements like this one before.

s.gif
IIRC It requires allowing apps to mimic other app's signatures and pretend to be them, "signature spoofing". MicroG mimics the Google play services signature.

But that is really crippling, because apps can now spoof other apps signatures, essentially apps can pretend to be other apps. That opens a lot of opportunities for an attacker.

s.gif
With the set of patches used eg in lineageos4microg, spoofing is restricted to the microG core app.
s.gif
You're still taking a risk. its a risk that I won't take but you're welcome to for the sake of convenience.
s.gif
> Oh and stay as far away from MicroG as possible, it seriouly cripples the security of GrapheneOS by a lot.

Doesn't this severely limit which apps you can install?

s.gif
> The app selection available through F-droid was very limiting and the quality of apps was a struggle compared to those in the app store.

That's funny because I would say the exact opposite. On the Play store it's extremely easy to accidentally install apps that have nothing to do with what you were looking for, never mind the absolute garbage it helpfully suggests on the start screen.

First thing I tell people around me is to get Fdroid and look there first. Seems much safer to me.

s.gif
  > I donate to many apps on Patreon, should I just message to
  > the devs and ask them to go open source and publish on f-droid?
Yes, you should. This is actually a very effective measure.
s.gif
Off topic question, but what is the sentiment towards employees who want to protect their privacy at Google?
s.gif
> should I just message to the devs and ask them to go open source and publish on f-droid?
Isn't 5a the same hardware as 4a 5G for the most part? CalyxOS, RattlesnakeOS, and GrapheneOS should have support for it soon.

Edit: Here you go https://gitlab.com/CalyxOS/calyxos/-/issues/642

Google has a track record of pushing out Google-y spyware through software update channels. Whatever assumptions you're making based off Android's *current* behaviors, it's not safe to assume they'll hold.

https://news.ycombinator.com/item?id=18064537 ("Chrome 69 will keep Google Cookies when you tell it to delete all cookies")

https://news.ycombinator.com/item?id=24817304 ("Chrome exempts Google sites from user site data settings")

https://news.ycombinator.com/item?id=20044430 ("Google to restrict modern ad blocking Chrome extensions to enterprise users")

https://news.ycombinator.com/item?id=17942252 ("Tell HN: Using Gmail? You will be force logged into Chrome")

Depends on the ROM. AOSP barely has any Google on it compared to "stock" Android; it uses Google services for system resources like DNS, time synchronization, cert stores updates, etc. This is configurable. Of course, it uses Google servers for updates.

I believe that webviews and such use Google Safe Browsing.

AOSP doesn't have Google Play Services at all. There's a trivial amount to "de-google".

I'd recommend looking into GrapheneOS too once it gets 5a support.

"Privacy perspective" is way too ambiguous. Can you describe what specific things you want to protect from ?
s.gif
Adding layers of difficulty to vacuuming up my data.

Protections from spying on emails, texts, right to be forgotten, geofencing warrant grab all’s.

s.gif
> Protections from spying on emails

Do you mean your email inbox ? If so, if you're not signed in, there's nothing here for Google to know. If you're using gmail, obviously when you access your gmail from your phone, Google would know. Either you're using gmail or not. Obviously, emails you send to other gmail users, Google has access to them through other's inboxes, but that is completely independent from your device choice. So I'm not sure what exactly you're worried w.r.t. your device setup.

> texts

If you're not signed in, but using Google backed RCS as SMS/text, then Google won't have access to your message if using end-to-end (for non-group messages). If you're using group messages, they are not end-to-end encrypted.

> right to be forgotten

I'm not sure what you mean, w.r.t. phone device. Care to elaborate ?

> geofencing warrant grab all’s

If you're doing Google searches, they would be subject to geofencing warrant, albeit Google won't know who you are, just that a particular type of device with a particular ip address issued a particular query (and if you shared your location with Google, they would know more fine-grained location but obvious assumption here is you wouldn't do that), but that's no different from any device you use.

s.gif
> geofencing warrant grab all’s

You are going to have to go pull the SIM and service, and keep your phone in a faraday bag as well. All the network providers do these, along with real time location tracking.

I don’t if it’s still the case , but in stock ROM Androids it would track your location history even with location services turned off.

https://www.wired.com/story/google-location-tracking-turn-of...

s.gif
That article is about turning "location history" off, not turning "location services" off.

Full disclosure I work at Google but nothing related to that.

s.gif
It shouldn't take a Google employee to tell all those location options apart.
s.gif
Apparently journalists at wired can't tell the difference.
You can completely remove Google packages with ADB. There are tools for that.

I would be more concerned about vendor packages. For example stock weather widget uses GPS and pinks servers, even when not in use...

I bought a moto g30 for this reason that it is stock android. Do not have a google account so haven't signed in. I do believe by disabling a lot of google crap, using newpipe any data google does take from my phone is stuck behind a "user #37484774" or something. My name is not tied to any online account so who cares.

Oh, BTW I use pihole at home so tracking is minimized even more

With a stock, store bought android rom with google play services and such?

It might help anonymize your device.

If you sign into a network regularly that you use with devices you sign into google with, or a network google associates you.with, they might correlate you with the device.

If you follow your normal routine of locations, browsing or other behaviour google is aware of, google may associate the device with what it knows about you.

It's kind of hard to say though, Google's data collection is somewhat opaque in regards to things it collects to associate you to other things.

I have noticed a few occasions where google has given me suggestions or ads based on searches i've made or on devices that I'm not signed into or associated me with data available only from such devices, other times not.

This is just anecdotal though so make of it what you will.

s.gif
Good but who are "you" to google? Unless you sign in, you are just number on which they have data but not tied to an account. Right?
s.gif
You are only "just [a] number" for a very brief period. As soon as you generate enough data points[1] to establish a recognizable subset of your pattern-of-life, the not-signed-in account can (and probably will) be correlated with your other accounts, some of which probably have data that identifies the real "you".

One of the most common mistakes people make when discussing the data collected by someone like Google is only considering the data in isolation. In reality, data is often combined with other databases.

[1] The minimum number of data points might can be very small: handful of timestamped locations at your home and job is probably unique, matching browser fingerprints if you used the same browser for logged-in and not-logged-in activity, or - as this is Google and their OS - maybe even simply a single even: hearing a MAC address known to be om your home wifi over the radio.

s.gif
Someone with more writing and artistic skills really should make a comic strip or something about this. One we could share with less technical people.

Even technical people really don't seem to understand how far data aggregation can go. Multiple small information points are collated into profiles, you need to be Jason Bourne -levels of vigilant to not create a trackable fingerprint online.

s.gif
An informative comic would be great. I have unsuccessfully tried to create a video game mechanic (ludonarrative) that demonstrates how data aggregation can be exploited. Giving people a little bit of personal experience on the other side trying to [ab]use data could be a very effective teaching tool. I suspect most people (including, as you mentioned, most technical people!) have never really thought about how personal data might be used as a weapon.

The amazing game "Papers, Please" demonstrated that a game based around an educational ludonarrative is not only possible, but can also be be relatively popular. Unfortunately, just like drawing, video game design is difficult.

> you need to be Jason Bourne -levels of vigilant to not create a trackable fingerprint online.

As Zoz said, "Don't Fuck It Up!"[1]. Any type of OPSEC has become extremely difficult. Even technically knowledgeable people that risk consequences of failure far worse than being tracked by Google screw up their OPSEC.

[1] https://www.youtube.com/watch?v=J1q4Ir2J8P8

s.gif
yes. exactly. i guess xkcd must have already done something on this given the depth of knowledge that guy has on the internet. if nothing, if anyone knows that guy, he can do it in 3 panels i'm sure.
s.gif
how far does pi-hole and similar tech help in this regard? i am genuinely curious about their role in reduction in data collection or at least preventing its exfiltration
s.gif Applications are open for YC Winter 2022
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search:

report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK