I recently asked the /c/Android community what information Google has access to on stock Android, assuming the user is not using any Google apps, and was told Google has full “unstoppable” access to the entire device, including Signal messages, the microphone, duckduckgo search history and anything displayed on the screen at all times.
Does this mean that encrypted messaging is essentially pointless to use on Android? I’m a newb here so go easy on me.
Currently, no (other than the microphone). Android apps are sandboxed and the Signal app encrypts its data so it isn’t readable from the outside. There is however a real concern if using keyboards with predictive text, because the keyboard knows what you’re typing into Signal.
FWIW, they’re not sandboxed from google play services:
Accordingly, google would have access to the Signal data on your phone. However, I don’t know whether the encryption would provide a measure of protection against google. GrapheneOS by default does not use google play services, and provides a sandboxed version for people who need the functionality.
Unless you’re using GrapheneOS and then the answer is “Mostly but it depends”.
It’s possible but complicated.
Since apps have access to the TPM API they can encrypt their own data in such a way that only the app’s own authorized processes can retrieve the decryption key from the TPM chip
and the os. Always the os, if it has root access :)
but the sandbox is controlled by google, of course. They might need to snoop on your app for “accessibility reasons” (no pun intended)
I will leave just this info here
Technical Data
Subject of Investigation: Google Play Services
Number of Permissions: 277
Operating System: Android 4.4.2 and above
List of Permissions
3.1. Automotive Systems Control
Access to data and control of vehicle components via Android Auto/CarPlay:
3.2. User Interface Manipulation
3.3. “Chimera” Component
System component of undetermined purpose.
3.4. SMS Management
Complete control of text messaging functions:
3.5. Root-Level System Privileges
Complete device control at root-access level.
3.6. Application Data Access
3.7. USB Management
Control of USB connections and data transfer.
3.8. Identifier Access
Access to all system and user device identifiers.
3.9. Screen Lock Management
Disabling keyguard (screen lock system).
3.10. Mail Services Access
3.11. Network Function Management
3.12. Wi-Fi Management
3.13. Audio Recording
3.14. Geolocation
Complete control of location functions:
3.15. Payment Information Transmission
Sending payment data without specified recipient restrictions.
3.16. Camera Control
Access to device camera.
3.17. Telephony Function Management
3.18. Permission Management
Manipulation of other applications’ permissions:
3.19. Device Lock Management
3.20. Biometric Authentication
Complete control of biometric identification systems:
3.21. Notification Management
Manipulation of system notifications:
3.22. Telephony Function Access
3.23. Bluetooth Management
Control of Bluetooth connections.
3.24. Security Key Management
Google Play Services is one of many pre-installed Google system components. A standard Android installation contains 30-50 additional Google applications with similar or complementary permission sets.
Someone at Google could hear what a device’s microphone is picking up at all times?
Yes.
I believe notifications would be accessible. Note that i don’t mean the push notification backend mentioned by Doomerang, but the actual notification that goes into your status bar (which is all processed on device). That would be readable by the OS in theory.
It’s not readable by the OS in theory, it is literally readable. Displaying a notification is an API call from the app to the framework provided by google. To put it in laymans terms the app goes “hey google please display this text as a notification”.
deleted by creator