Privacy

34477 readers

652 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

[email protected]

121

Google’s Unannounced Update Scans All Your Photos—One Click Stops It (www.forbes.com)

submitted 1 day ago by [email protected] to c/[email protected]

14 comments fedilink hide all child comments

cross-posted from: https://lemmy.world/post/26233189

"Android System SafetyCore’ claims to be a ‘security’ application, but whilst running in the background, it collects call logs, contacts, location, your microphone, and much more making this application ‘spyware’ and a HUGE privacy concern. It is strongly advised to uninstall this program if you can. To do this, navigate to 'Settings’ > 'Apps’, then delete the application."

If you don't want to navigate android settings you can also simply uninstall it from the Play Store https://play.google.com/store/apps/details?id=com.google.android.safetycore

Additionaly you can install this placeholder app to prevent Google from reinstalling it every time it updates: https://github.com/daboynb/SafetyCore-placeholder

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 11 points 1 day ago (2 children)

I'll repost my comment from the other post:

For people who have not read the article:

Forbes states that there is no indication that this app can or will "phone home".

Its stated use is for other apps to scan an image they have access to find out what kind of thing it is (known as "classification"). For example, to find out if the picture you've been sent is a dick-pick so the app can blur it.

My understanding is that, if this is implemented correctly (a big 'if') this can be completely safe.

Apps requesting classification could be limited to only classifying files that they already have access to. Remember that android has a concept of "scoped storage" nowadays that let you restrict folder access. If this is the case, well it's no less safe than not having SafetyCore at all. It just saves you space as companies like Signal, WhatsApp etc. no longer need to train and ship their own machine learning models inside their apps, as it becomes a common library / API any app can use.

It could, of course, if implemented incorrectly, allow apps to snoop without asking for file access. I don't know enough to say.

Besides, you think that Google isn't already scanning for things like CSAM? It's been confirmed to be done on platforms like Google Photos well before SafetyCore was introduced, though I've not seen anything about it being done on devices yet (correct me if I'm wrong).

[–] [email protected] 2 points 14 hours ago

even if it was completely safe now, it will change in the fututure. Corporations just cant keep their hands to themselves and will saw any branch for short term profit because they will never get any REAL consequences for anything. Before long it would start connecting to internet to "better classify" the images by uploading everything to some server. Likely it will expand to every file eventually so it can "protect" you from whatever their spindoctors come up with.

[–] [email protected] 0 points 1 day ago (1 children)

Yes like most things this is misunderstood, bandwagoned and thus overblown.

Getting tired of social media. Even Lemmy.

The other one is the Firefox tou update... Not saying it won't eventually be a problem but as of today it's not sending your data to Mozilla. You have time to see how this pans out.

[–] [email protected] 4 points 1 day ago (1 children)

they're coming up to my front door with a battering ram

Let's see how this plays out.

[–] [email protected] 7 points 1 day ago* (last edited 1 day ago) (1 children)

As someone who has never used Firefox only librewolf/mull/ironfox this analogy is asinine. Switching browsers is trivial and not at all like dealing with the threat of violence. It's exactly bullshit like this that is tiring. No one is really thinking just making unintelligent quips and reactions or parroting the bullshit of others.

[–] [email protected] 0 points 14 hours ago (1 children)

threat of violence

Do you understand what an analogy is?

Anyways, Firefox is the project. All of those other "projects" are mostly configuration changes of the upstream project- not even code changes.

When Firefox decides to become hostile to those "other" browsers you use- they'll be able to do fuck all about it.

[–] [email protected] 1 points 14 hours ago (1 children)

Do you understand what an analogy is?

Yes, hence it being a shit one.

Anyways, Firefox is the project. All of those other "projects" are mostly configuration changes of the upstream project- not even code changes.

No, for example fennec for fdroid which is the base for mull or ironfox has multiple code deletes to remove unsolicited data sent to Google.

When Firefox decides to become hostile to those "other" browsers you use- they'll be able to do fuck all about it.

That's not how open Source works...

[–] [email protected] 0 points 13 hours ago

multiple code deletes

That's not how open Source works...

These projects focusing on configuration changes and feature removal demonstrates their lack of creative potential.

Who cares if they fork? They don't have the ability to do anything but sit on dead code at that point.