May I ask what fake location do you intent to provide? And have you considered that it might invalidate your claims? Like, you say your car had an accident but your location says you’re in Antarctica, and they use that to weasel out of coverage.
What bug? It’s super easy to do this in an app that already has access to your microphone, like Whatsapp, then extract only keywords from conversations and send them to Meta packed as innocuous numeric codes piggybacking on the overhead of encrypted connections.
A single byte here and there is all you need to know people were talking about cats, or perfume, or shoes etc.
Whatsapp protocol, app and servers are closed source, and Meta apps will download and compile native code upon installation, which escapes normal JVM restrictions and does God knows what.
On certain brands of phones (like Samsung) Meta apps come with a manufacturer-preinstalled system stub that can do pretty much whatever it wants, but is typically used to elevate the rights of Meta apps that were installed via normal means and to collect information from them as well as any app that’s running ads from Meta.
And this is a company that’s a third party to the Android ecosystem — it’s a lot easier for Google themselves, who are datamining the shit out of everything you do on a phone, from second-by-second location to email. And Meta is datamining the shit out of absolutely everything you put on Facebook and Instagram, in spite of any fines and sanctions. And Microsoft are datamining the shit out of everything you do on your PC and they’re openly pushing Recall and Copilot and have been pushing Cortana for so long.
What do you think Cortana and OK Google were listening for?.Hell, Amazon and Google were both caught storing recordings of people’s conversations in the beginning, before they started hiding it better.
So you’re being watched in every way possible in every single thing you do that touches any technology from these companies, we have countless documented instances of them breaking privacy in heinous ways like giving up people to authoritarian governments and to anti-abortion governments in the US and so on…
…and you’re seriously wondering if they’re snooping on your conversations? They have every means at their disposal, they’re using it every second, and you’re wondering if they’re doing that too?
Why wouldn’t they? It’s obvious that we live in a world where it’s ok to ask forgiveness (and you’ll get a slap on the wrist, if that) rather than permission. What would possibly compel them to not do it?
Consequences? What consequences? We already know for a fact they spy on so much stuff and we keep using their tech. There are no consequences.
You should be able to export both contacts and texts if the backup app is given contacts permission and to be set as the text app temporarily.
Not sure about the text multimedia. If it’s in the system text database it can be exported, if the Messages app has it in its private data then tough luck.
Well you can probably still back it up to Google.
Also, it’s established practice for workers to stagger their off days across the week.
This way both the company and things like services, banks, stores etc. can be available 7 days a week without any undue pressure.
So they’re already well positioned to take advantage of flexible working time.
Isn’t it fourth?
Mozilla has already shipped strict privacy mode by default in recent versions of Firefox so they’re already a leg up on this.
Google is currently trying to transition people to its own proprietary method of tracking (where the browser itself tracks you) so they would love it if third party cookies were no longer usable for that.
Mozilla has also added a direct tracking feature (anonimized) to Firefox btw. Not sure what their agenda is.
Websites are irrelevant, if third party cookies stop working in major browsers there’s no point in setting them anymore, they’ll be ignored.
In that case I call bullshit. What I described can work (relaying banking apps on the victim’s phone to authenticate to ATM), with cards it should not. If you read the comments on the site you’ll see people are just as confused as to how this can work.
There’s no credit card involved in this scenario.
When it happens it’s a security flaw and it needs to get patched. It’s not normal everyday thing.
This isn’t about subscribing to NFC events, the malware is creating fake NFC events without the NFC sensor being involved in a physical interaction with a tag or reader.
That’s what I mean, it shouldn’t be possible to relay anything. It should only trigger when there’s a reader physically in proximity to the phone.
Please keep in mind this is happening on the victim’s phone which is not rooted, the malware is a regular non-system app.
If it were happening on a rooted phone I could understand being able to subvert the NFC chain because at some point it has to pass from hardware to software and if you’re privileged enough you can cut in there. But the malware app is not privileged.
For those confused about how this could work with chip cards, the malware has two components, one installed on the victims phone and one on the attacker’s. The attacker initiates the contactless authentication at an ATM or contactless payment and their phone communicates in real time with the victim’s, which is tricked by the malware into reacting to that event and producing the one time token which is then relayed to the attacker and used.
They also previously social-engineered the card PIN from the victim, in case the contactless event requires it (definitely in case of ATM login).
The fact you can trick the NFC system on the phone into reacting to “phantom” payment events and intercept the resulting token sounds like a pretty big problem. The former should be entirely hardware controlled, and the latter should not allow the token to go anywhere else except to the hardware.
Also Android has strategic importance to Google. Their philosophy is to spread out and control their own platforms.
Normally Google, since they offer a search engine, ad platform and online services, could have stuck to just renting servers and cloud.
But they didn’t, they also created their own massive online storage platform, their own cloud platform, their own browser and browser engine, their own mobile platform, their own PC-based platform, their own wearable platform and so on.
They will never give up Android, unless perhaps they will have something else already prepared to replace it. But it would be an insane undertaking to move everything over, but to mention having to drag consumers and manufacturers and app creators kicking and screaming every step of the way.
Ironically, if Graphene would succeed, it would lead to a system that’s every bit as locked down as a manufacturer’s Android. GrapheneOS would also not allow you to have root etc.
IMO Graphene wants a place at the big player table. They’re not in it for user freedoms.
I doubt they intend to mine it. For the Russian state is easier to acquire Bitcoin by hacking wallets than mining, and the plebs can’t afford the electricity.
Trading is trading and they’d be risking sanctions whether they take payment with Swift or Bitcoin.
What version are you on? I’m on 7.0.58.
Why do you need a new launcher? You’re good to go for several years until (if) Android implements some completely new feature. Right now Nova has pretty much everything.
7 was actually surprisingly well optimized. It ran OK on an office PC with 512 MB of RAM and a 512 MHz CPU.
You wouldn’t use it like that because by that time apps like browsers and office were starting to feel restricted by that little RAM to the point you could only run either or. But the OS itself stayed out of the way as much as possible, and if you gave it just a little more RAM (like 1 GB) suddenly you had a usable office machine.
How do you avoid interaction if it’s being done automatically by your machine when you open up a print dialog, and if malicious servers can use the same names as legit printers?