Does Google Spy on Android Custom ROMs? - Techlore
video description
Date: 2022-04-15
Related videos
Comments and reviews: 10
nacosia
I'm not exactly sure what was the point you were trying to make however, the analysis was very superficial, quite naive I should add - sorry. Any Android system with an associated registered Google account, Google Play Services, Google Play Store, Maps, arguably even Android System WebView, is definitely privacy compromised.
As for hardware, you haven't mentioned anything about BT BLE, WiFi scanning, nearby device scanning, WiFi multicast, WiFi triangulation, cell and GPS location tracking, camera and microphone - which could very easily be forced on without user's consent. I didn't even touch on Google's new chip proprietary architecture, which is another privacy mess in itself.
Coming back to software, Google Play Services is undoubtedly the weakest link, the absolute privacy killer - hence the development of microG which is not a perfect solution, it has its own privacy holes since it needs to emulate the very gms and gsf services for a Google registered account to properly work. In other words, even custom ROMs have lots of privacy cracks, although admittedly far less than a regular Android system, which is no less than a sofisticated spying tool with a nice user's interface and a phone.
You should probably also add that the newer the Android version, the system's security arguably gets better, BUT the user's privacy gets trampled to a point where it eventually becomes a thing of the past. With that being said, unless you're forced to use say, Android 11 or 12 because you just got a new phone, don't buy the -upgrading- hype just because it's trendy. Think twice before updating the OS because it's irreversible.
reply
I'm not exactly sure what was the point you were trying to make however, the analysis was very superficial, quite naive I should add - sorry. Any Android system with an associated registered Google account, Google Play Services, Google Play Store, Maps, arguably even Android System WebView, is definitely privacy compromised.
As for hardware, you haven't mentioned anything about BT BLE, WiFi scanning, nearby device scanning, WiFi multicast, WiFi triangulation, cell and GPS location tracking, camera and microphone - which could very easily be forced on without user's consent. I didn't even touch on Google's new chip proprietary architecture, which is another privacy mess in itself.
Coming back to software, Google Play Services is undoubtedly the weakest link, the absolute privacy killer - hence the development of microG which is not a perfect solution, it has its own privacy holes since it needs to emulate the very gms and gsf services for a Google registered account to properly work. In other words, even custom ROMs have lots of privacy cracks, although admittedly far less than a regular Android system, which is no less than a sofisticated spying tool with a nice user's interface and a phone.
You should probably also add that the newer the Android version, the system's security arguably gets better, BUT the user's privacy gets trampled to a point where it eventually becomes a thing of the past. With that being said, unless you're forced to use say, Android 11 or 12 because you just got a new phone, don't buy the -upgrading- hype just because it's trendy. Think twice before updating the OS because it's irreversible.
reply
IronHead
Censorship of risk of your affiliate. My comment keeps instantly disapearing! I'll try one more time.
Here goes:
Dude, please inform us of the risks when you advertise!
-
We Share Personal Data Under Controlled Circumstances:
With third parties, within the United States and in other countries, who may access data about you to perform functions on our behalf;
With financial institutions, processors, payment card associations and other entities that are involved in the payment process;
With -government and law enforcement where reasonably necessary to comply with applicable law, regulation, legal process, governmental request; -
With others where reasonably necessary to protect the security or integrity of our Services or user safety;
In Connection with, or -during the negotiation of, ANY merger, sale of company stock or assets, financing, acquisition, divestiture or dissolution of all or a portion of our business; -
With your consent. -
reply
Censorship of risk of your affiliate. My comment keeps instantly disapearing! I'll try one more time.
Here goes:
Dude, please inform us of the risks when you advertise!
-
We Share Personal Data Under Controlled Circumstances:
With third parties, within the United States and in other countries, who may access data about you to perform functions on our behalf;
With financial institutions, processors, payment card associations and other entities that are involved in the payment process;
With -government and law enforcement where reasonably necessary to comply with applicable law, regulation, legal process, governmental request; -
With others where reasonably necessary to protect the security or integrity of our Services or user safety;
In Connection with, or -during the negotiation of, ANY merger, sale of company stock or assets, financing, acquisition, divestiture or dissolution of all or a portion of our business; -
With your consent. -
reply
Sodium
You're right, we shouldn't be judging with -baseless claims-. However, Google is an exception given it's shady history of invasive & extensive data collection. Hell, you guys mention Google's antics in most of your SR's, and we're just supposed to ignore all of that because no proof has come out yet? As a counter to the SoC argument, all we have to do is look at Intel's Management Engine. As far as -it wouldn't benefit our company-, that's irrelevant given that consumers only have two choices when it comes to phones: iOS or Android. All Google has to do is wait for the bad press to blow over or wait for Apple to go through some drama and gain some of those users.
If citing Google's shitty history makes me -ignorant-, then so be it.
reply
You're right, we shouldn't be judging with -baseless claims-. However, Google is an exception given it's shady history of invasive & extensive data collection. Hell, you guys mention Google's antics in most of your SR's, and we're just supposed to ignore all of that because no proof has come out yet? As a counter to the SoC argument, all we have to do is look at Intel's Management Engine. As far as -it wouldn't benefit our company-, that's irrelevant given that consumers only have two choices when it comes to phones: iOS or Android. All Google has to do is wait for the bad press to blow over or wait for Apple to go through some drama and gain some of those users.
If citing Google's shitty history makes me -ignorant-, then so be it.
reply
Matthew
All and all good video but you made a really important oversight. Theoretically Google chips could spy by sending the data back home specifically with cellular data rather than WiFi which would be much harder to analyze with Wireshark as you would need an IMSI-catcher to do so, and those are expensive and highly regulated. Until someone verifies with Wireshark + IMSI-catcher we can't be positive they aren't doing this. I have no evidence to say they are but I always found it suspicious how most manufacturers lock down their bootloader but Google never has even though they know full well someone could just install a custom ROM and they would lose out on all that tracking data revenue.
reply
All and all good video but you made a really important oversight. Theoretically Google chips could spy by sending the data back home specifically with cellular data rather than WiFi which would be much harder to analyze with Wireshark as you would need an IMSI-catcher to do so, and those are expensive and highly regulated. Until someone verifies with Wireshark + IMSI-catcher we can't be positive they aren't doing this. I have no evidence to say they are but I always found it suspicious how most manufacturers lock down their bootloader but Google never has even though they know full well someone could just install a custom ROM and they would lose out on all that tracking data revenue.
reply
Ezruy
Not trying to plug but the latest releases of GrapheneOS has Sandboxed Google Play so you can actually use GApps including Play Store in a sandbox. This allows you to actually use Google minus the spying, which some people prefer over installing dubious third party services that try to emulate Google Store/Services but don't actually come close to the real thing.
reply
Not trying to plug but the latest releases of GrapheneOS has Sandboxed Google Play so you can actually use GApps including Play Store in a sandbox. This allows you to actually use Google minus the spying, which some people prefer over installing dubious third party services that try to emulate Google Store/Services but don't actually come close to the real thing.
reply
Hud
You are making the mistake of thinking managers only do what is best for the company. As a veteran of the tech industry for 45 years I can tell you this is false. Of course there are those who things to enrich themselve but I have also seen decisions made for political and religious reasons.
reply
You are making the mistake of thinking managers only do what is best for the company. As a veteran of the tech industry for 45 years I can tell you this is false. Of course there are those who things to enrich themselve but I have also seen decisions made for political and religious reasons.
reply
Carl
lol, the problem is Google is at the protocol level. Phones are network devices so is anti-private by definition. The device has to identify uniquely to the network to work. Minimal disclosure is the best that can be done.
reply
lol, the problem is Google is at the protocol level. Phones are network devices so is anti-private by definition. The device has to identify uniquely to the network to work. Minimal disclosure is the best that can be done.
reply
Sven
With respect to hardware spying in minute 8: 31. Anyone using GrapheneOS is using a Pixel by default these days. And many of us are not using Google Play Services. So, we are out there - don't know how many we are.
reply
With respect to hardware spying in minute 8: 31. Anyone using GrapheneOS is using a Pixel by default these days. And many of us are not using Google Play Services. So, we are out there - don't know how many we are.
reply
TimBo
I think it's interesting how many nerds wanted to speak up about the million possibilities that could not possibly be covered in a 16 minute video. The common focus of all nerds. minutia and arguing about minutia.
reply
I think it's interesting how many nerds wanted to speak up about the million possibilities that could not possibly be covered in a 16 minute video. The common focus of all nerds. minutia and arguing about minutia.
reply
Stoney_Eagle
Do you now understand why I call it ironic to degoogle your phone and then use a Google account to login on a Google service? You end up with a phone that still collects data for Google. -
reply
Do you now understand why I call it ironic to degoogle your phone and then use a Google account to login on a Google service? You end up with a phone that still collects data for Google. -
reply
Add a review, comment
Other channel videos
