fuck offffff
Microsoft introduces “Recall” spyware the world goes mad, Google and Apple do something similar and it’s mostly silence.
I’m not defending Microsoft but it just shows the double standards between the trust in these corporations.
Interesting how the majority of the comments refer to you being monitored on your own phone, ignoring that you will be monitored on everyone else’s phone as well.
Probably something people aren’t thinking about. How would this even work in two party consent states/countries?
The same way slopgen cleverly went around seemingly unbendable coryright laws: by ignoring the shit out of it, and half-scaring half-bribing the governments and the public to allow them to do whatever the fuck they want.
By
bribinglobbying local politicians. As always, laws are only real when they’re enforced.
Much like how Facebook includes non-users in their social graph.
Which is also an important issue with google mail.
But this also violates the expectation that spoken conservations are private.
Because all of their customers were clamoring for such a “feature”?
Of course, it will have the option of being “turned off”.
I mean, we’ve all long suspected our phones are listening to us anyway, why not make it into a “feature”.
<Laughs in GrapheneOS>
I am thinking about installing Graphene OS, any thoughts so far on how it work, or rather what hasn’t worked on it? I am already using Brave and Proton and trying my best to get out of the AI overlord mess that is Google.
brave is not a good privacy choice (it has repeatedly shown that it is not to be trusted, it squeezes money out of you, and is run by a homophobic cryptobro (who is also the creator of javascript)
on android, use firefox or ironfox; on desktop, use librewolf
Anyway to set up Firefox on android to actually block tracking? Seems like it is just as leaky as Chrome, but maybe they have improved it.
not sure
i dont actually use android, i use an iphone, i just know quite a bit about this stuff
Is mull not recommended anymore?
Mull was from DivestOS, which ended up folding a few years ago. Sad, cause I actually used it on a OnePlus 7T phone and it was a promising alternative to Graphene that similarly allowed for bootloader relocking. I really wish the team got the support it needed.
idk about it
ironfox is forked from it tho
Good to know, thanks!
I use grapheneOS for many years now. I’m having some trouble coming up with things that haven’t worked on it. I use Aurora as an alternate front end for google play, for downloading certain free apps.
I think I’ve seen problems with apps that check google store for purchase verification, but I don’t personally have a google account or purchase android apps so it hasn’t affected me.
Its nice if you are actually trying to stay away from Google. Its probably not the best experience if you still want to use their apps and services.
I prefer the experience. My phone doesnt try to get my attention or track me, at least as far as I can tell. Reminds me of when the first smart phones came out and they were just useful tools.
I am new to GrapheneOS, and I love it. However, it doesn’t work with Google Pay, Wallet, or Moto Tag devices.
I also prefer the unbloated ROM and limiting what Google can do on my phone. However, this new captcha thing is worrying: https://www.digitaltrends.com/phones/the-makers-of-security-first-grapheneos-are-putting-google-and-apples-tactics-on-blast/
I’m at a point in my life where I just won’t use a service or company if it won’t work on my devices. Thats not likely to be a luxury everyone has so I know its not for everyone.
Second the req against Brave, the CEO is actively a fascist sympathizer.
Mullvad and Librewolf are both better, especially since Brave is Chrome-based and is going to stop supporting Manifest v2 when Google finally swings the axe.
Mullvad doesn’t work on Android though correct? And if privacytests.org/android is to be believed, seems like Brave currently is the best of the bunch, unless you have seen something better?
Ironfix on Android is best equivalent to Mullvad on PC.
Also fuck Brave and its CEO and its crypto fascism bulkshit.
Honestly, it an easy switch and you’re going to love the control you regain.
Fuck you Pichai you fucking banchode.
TIL what a banchode is….
“Banchode” (often spelled “banchod” or “benchode”) is a vulgar Hindi/Gujarati slang insult roughly meaning “sister-fucker,” similar in strength to “motherfucker” in English.
Pronounced bench-o-day?
Ben-chode… Add lots of fucking either before or after for authenticity
This will be quite illegal in all countries and states that require 2 party consent at minimum.
Incoming Google lawsuits in 3, 2, 1.
lol. they are exempt from copyright, they will be somehow exempt from this too.
OK, how do you disable it permanently? Besides Graphene or mobile Linux?
Yes. To all of those.
The people who called me crazy because “there’s no way your phone can be listening in on you all the time” are the same people who are going to be the most excited about this “feature”
How did these people expect “Hey Siri” / “Hey Google” to work?
Im a perfect world, as they claim, its a secondary system listening that isn’t recording or transmitting anything, and is meant to be low power. If it hears the wake up word, it wakes up the other mic and starts recording.
Thats how they claim the smart speakers work anyway.
This would be different.
This was my understanding, but I just don’t believe it anymore. There have been way, way too many time my wife and I were talking about an incredibly niche thing that didn’t come up through the internet in any way, and lo and behold the algorithm presented those key words. Nobody will ever convince me it isn’t being done to some extent.
It doesn’t need to, that’s the issue, there is so much other data you are generating that can be harvested. Nothing you talk about is completely random, so it’s incredibly easy to build profiles about you, without listening to a single word.
I understand that’s the theory, but these situations were specifically not something that could be easily gleaned. We’re talking like reminiscing about things that happened in our pre internet youth that there’s no record of anywhere and that came up randomly in conversation. I’m definitely aware of the dynamic, even before ubiquity of the internet, it’s true that sometimes companies would know people were pregnant before the person did based on their purchasing profile. This wasn’t that though, there’s just no possible connection.
That happened a few times now, so pretty much nothing is going to convince me it’s not the case.
I think you’d be surprised, there is always a connection. Oh some middle aged millennial waxing poetic about nostalgia? Wow, totally haven’t heard that before, and it’s certainly not the singular thing every company is capitalizing on in media currently. No, you are absolutely unique and Google is simply listening to every conversation about you.
No, I wouldn’t be, because I was talking about a random location which was indeed pretty unique. That said, it’s a pleasure to finally meet you, I’m a big fan.
I had this happen many years ago, to the point there was no chance something wasn’t listening. We suspected it was my partners iPhone with Facebook installed before they got better about preventing abuse like that, as it was a Facebook ad that showed up.
Were talking about something where we never use the product, would never use the product, but it came up in a conversation just between the 2 of us, and there were ads the next day.
It happened a few times.
It can’t hear if it isn’t already listening.
“How they claim?” Is there no way to confirm that?
You look for network traffic. You might not be able to see inside the packets, but you can know when they’re sending packets, and how many. As far as I know, voice assistant systems that claim to use a secondary local circuit to detect calls are telling the truth.
That’s kind of what I was wondering, I figured this as well as a way to track that it is at least sending data at unusual times. Someone else in this thread explained that actually determining what that data is would be difficult yeah: https://lemmy.world/post/48510943/24408747
I don’t know enough about system security or forensics to evaluate this, but it does make sense based on what I know.
The consensus so far seems to be that they don’t collect as much data as people think, partly because they can’t process all of it, and partly because educated guesses are good enough to target ads often enough.
I have a memory of people black boxing it and seeing power usage and network traffic that supported the claims but that was a snapshot in time and as others note its all proprietary.
It takes a lifetime to build a good reputation, but you can lose it in a minute.
They ship with proprietary code, this would be the point of open source.
In practice in my experience, every company is at least skirting the law regarding privacy, and I never worked for one big enough that could lobby itself out of a fine.
would this not be detectable by tracking the data sent through your network?
I used to run forensic network capture and analysis tools.
First thing, traffic is encrypted. All you will see is a blob of traffic passing through. You used to see hostnames with TLS, but now with quic, you see nothing. This makes it hard.
You could root the phone and install a root ca certificate for a decrypting proxy, you might see more, but the data itself (not just the transport protocol) could be encoded or even encrypted within the network encapsulation.
Next, you’d have to reverse engineer the protocol if they’re using something nonstandard. Also, malware can often be set up to “behave” when it can detect analysis. I’m all but certain Google would do this.
Maybe you could do statistical analysis of the traffic and attempt to baseline normal vs when it’s transmitting audio. It would be a bit of a blind guess at best.
If I had more time, I’d love to try it. I have an old pixel7 pro. Maybe I can sort something out.
People have already done that and shown that no the device isn’t listening to you 24/7 and sending all your data out. There are plenty of papers on the subject, and it makes sense. Why record, decode and analyze all audio when your digital footprint is so much easier to compile and analyze. People aren’t random, so it’s easy to put them into statistical buckets of how to target them. Here is one reference paper (of many): https://recon.meddle.mobi/papers/panoptispy18pets.pdf
If its real time monitoring you, but not if its logging data to send later when it would be expected to be doing so.
Audio doesnt take up much space.
Even if it was open source, you’d need to be able to verify what they ship matches the specs. Allowing you to flash whatever you want onto it helps, but you still need to validate the hardware.
I dont know. You’d need to reverse engineer the hardware and software to be confident, and could a OTA update then sneak a bypass in anyway?
Edit: i think Amazon might have abandoned this as well and always records on echos now too.
Doesn’t need to track you all the time to know exactly who you are and what you’re up to.
Continuously monitoring is such a waste of their resources, they already know everything about you, they just need to check in now and then to make sure you’re buying the correct t-shirts.
The internet is becoming a hostile place, filled with predators and hazards, a privilege only of the wealthy, the powerful and their slaves, was not on my bingo card for things I’d live through. I feel I may have no choice but to genuinely disconnect from all of it in my private life.
Constant surveillance 😡
Audio memories 😍
BIG BROTHER IS
WATCHING YOU
HELPING YOU REMEMBER YOUR IMPORTANT CONVERSATIONS
GrapheneOS, asap Pixel owners.
Thank me later.
Before it’s somehow no longer an option. I fear the Motorola deal will somehow get blocked.
This is really about training AI, isn’t it. They’ve tapped nearly all the sources of human text output already, so now they want to create as much more of it as possible, as quickly as possible. They will tap into conversations and use it as a new data source, mark my words.
They are so lazy they want an LLM to tell them what is hot and the only way they can do it is by massive spying. The surveillance state brought to us by fucking advertising of all things. So bizarre.
Yep, not just audio either. There is a reason the tech companies are pushing into glasses with cameras and it isn’t to make people’s lives better.
I saw this title and immediately said “fuck off” then clicked, and …glad to see OP sharing my immediate sentiment.
“There is a time when the operation of the machine becomes so odious, makes you so sick at heart, that you can’t take part; you can’t even passively take part, and you’ve got to put your bodies upon the gears and upon the wheels, upon the levers, upon all the apparatus, and you’ve got to make it stop. And you’ve got to indicate to the people who run it, to the people who own it, that unless you’re free, the machine will be prevented from working at all!” — Mario Savio, 1964
Reason n+1 for me being thankful for switching to GrapheneOS.
How’s the app support? I want to switch if/when the Motorola phones come out, but I’m wondering how many of my apps/services I’ll have to abandon.
Almost everything just works after installing sandboxed Google Play Services. For a few apps you have to tweak a setting to turn off some of GrapheneOS’s exploit protections. But I’ve found very few that refuse to run, and nothing indispensable. If you don’t like your main profile having Play Services you can set them up under a second profile or a private area and keep the apps that use them away from your main profile.
The other thing that might be a dealbreaker for you is no contactless payments with things like google wallet will work. But you could always just attach your credit card to the back of your phone and :tada: it works again lol
Contactless payments technically work fine, just not via Google Wallet. Banks that have their own tap to pay app usually don’t have that problem.
You must be lucky to have such banks in your country.
There’s several EU countries that do. Some of them as part of a push for sovereignty, but most, I think, cause they developed their solutions before Google Wallet was enabled in that country.
I’m unaware of anyone but curve, and curve seem to shadow-ban you for having rooted or weird phones and then claim kyc failure. In general they are quite shady and have poor customer service.
You know any other ones? Would be very useful since I think anyone in the eurozone could then use those.
I can confirm that the Sparkasse Mobiles Bezahlen in Germany works with GrapheneOS (Pixel 7 Pro)
There was no work profile support when I last tried to convert. deal breaker, atm.
That has been working fine for years at this point.
me and the other folks trying to get this working disagree. there are several threads about it on the GOS forum.
Yeah, I was thinking of separate profiles in general, and had never encountered the concept of an employer controlled separate profile. When I needed a device for something work related, I usually got issued a phone.
Those were the days…I used to have a personal phone, corporate phone and a site phone! The multi phone inconvenience was real…
Just grab an app like Shelter.
0% of the apps/methods available at the time worked with my employers setup. I did everything except the adb method. ended up getting a crap phone for work. it just sits on my desk anyway.
Oh, you mean a profile set up by your employer. Actually, dunno whether that works. I never let any employer touch a personal device.
that is the point of the work profile when used as the non-primary profile.
same phone; but work profile cannot see or interact with the primary profile or configure the device. if the corporate account is used as the primary, they can wipe the phone remotely.
Ive only got one gripe with it and its the requirement for RCS. I do prefer to use signal but genuinely only one person I know has gotten on to it. I hate using google messages but for folks that send me bulk pictures from iOS its just a hassle until there’s a Foss one that works but there isnt to my knowledge. I do know RCS only works on the main profile goo
I switched a few months ago and overall its been an excellent experience. Some pitfalls though:
- Banking apps may not work, Santander in the UK for example but I’m going to transfer away from them
- Contactless pay through google wallet doesn’t work, I couldn’t find a way to attach a card to the back of my phone and also keep pixel snap usable so I bought a small pixel snap wallet that works nicely
- Recently Volkswagen and vw group enabled google play attestation for their app and not hardware attestation, so my cars app no longer works. This is probably the most frustrating for me because as an EV owner there’s no other way to track the charge of your car other than via the app. This is particularly annoying when using public charge points and you can’t track the charge progress when walking away from the car. First world problem, I can just leave it alone and let it charge without keeping an eye on it but that’s annoying to me, I’m sure I’ll get over it.
- Because of the above, I’m concerned other apps may start to follow suit. For example “too good to go” in the UK is “not compatible” with my device from the play store because it doesn’t pass the play attestation… Hopefully it’s not a trend.
Overall though I would highly recommend. All the other main features work flawlessly.
One of my banking apps enabled Google Play attestation. It’s really infuriating. I don’t understand the point either - AFAIK all apps need to be signed with the dev’s private key anyway, don’t they? If they are then why would anyone care where I downloaded it from?
Take a look at OVMS (open vehicle monitoring system). I use it since I have an EV because I don’t want to pay for “connected services”.
Some bank apps may not work, but you can check by searching for you bank name + GrapheneOS
I found this list helpful: https://privsec.dev/posts/android/banking-applications-compatibility-with-grapheneos/
I also found that one of the ones I use would only work in the Owner profile with Gplay services so the secondary profile wasn’t an option for it.
I’ve had zero apps not work, including my banking apps.
Amazing for me tbh. I only had to give up contactless payment since my bank switched to google wallet and I have 0 google apps on my phone. Obtanium and Aurora store are life savers.
Doesn’t help if someone you’re talking to has it on. And unlike Zuck’s stupid glasses you won’t even be able to know unless you ask every single person you talk to first. This sucks.
It’s probably illegal in Germany and some other EU countries. Not that that always stops Big Tech. But this one, at least in Germany, could land the user some jail time.
It’s illegal in parts of the US too
You still gave your money to Google for the phone…
No, I gave it to the person who resold the phone at a lower cost than what I would’ve paid to get it from Don’t Be Evil Inc.
based
What a useless and irrelevant comment that adds less than nothing to the conversation.
