I recently asked the /c/Android community what information Google has access to on stock Android, assuming the user is not using any Google apps, and was told Google has full “unstoppable” access to the entire device, including Signal messages, the microphone, duckduckgo search history and anything displayed on the screen at all times.

Does this mean that encrypted messaging is essentially pointless to use on Android? I’m a newb here so go easy on me.

  • N0t_5ure@lemmy.world
    33·
    20 hours ago

    Android apps are sandboxed

    FWIW, they’re not sandboxed from google play services:

    The Play Store Services process has access to your precise location at all times, the motion sensors, networks, hardware identifiers (including IMEI), contacts, passwords, the entire storage space, call logs, access to other apps’ data, and more.

    Accordingly, google would have access to the Signal data on your phone. However, I don’t know whether the encryption would provide a measure of protection against google. GrapheneOS by default does not use google play services, and provides a sandboxed version for people who need the functionality.

    • Natanael@slrpnk.net
      8·
      18 hours ago

      It’s possible but complicated.

      Since apps have access to the TPM API they can encrypt their own data in such a way that only the app’s own authorized processes can retrieve the decryption key from the TPM chip