Skip Navigation

Technology @lemmy.world

effzehkoelle @feddit.org

3d ago

Everyone knows all the apps on your phone - by peabee

peabee.substack.com

Everyone knows all the apps on your phone

Privacy @lemmy.world

NinjaZ @infosec.pub

6d ago

Everyone knows all the apps on your phone

peabee.substack.com /p/everyone-knows-what-apps-you-use

Android @lemmy.world

solrize @lemmy.world

6d ago

Everyone knows all the apps on your phone

peabee.substack.com /p/everyone-knows-what-apps-you-use

Privacy @lemmy.dbzer0.com

fxomt @lemmy.dbzer0.com

6d ago

Everyone knows all the apps on your phone

peabee.substack.com /p/everyone-knows-what-apps-you-use

23 comments

Seeing people say "GrapheneOS fixes this!" "It's only on old versions of Android!"
This is on a Pixel 8 Pro with the latest version of GrapheneOS. This is an issue and has been for a long time. Many apps detect root by looking for the Magisk package using this method, and many collect this information just for advertising (go ahead, export your Snapchat data)

*if you have an older Android phone.
- What do you mean? The article is talking about current versions of Android.
  
  So the first line says that it's for older versions of android before 2022. But the next paragraph says:
  For extremely specific use cases such as file managers, browsers or antivirus apps, Google grants an exception by allowing QUERY_ALL_PACKAGES permission, which provides full visibility into installed apps.
  So this may still be possible, however sandboxing, especially GrapheneOS' implementation likely mostly, if not entirely reduce this risk.
- The second half of the article talks about how the apps get around this permission requirement.

Well that was a horrifying read. Is there any software that can protect against this? GrapheneOS? LineageOS? A Magisk module?
- Island, Insular, Shelter; apps that allow managing separate profiles.
  My setup: mostly Open Source apps on a custom ROM like LineageOS, the neccessary proprietary apps in shelter, connections managed via,Tracker Control. That one proprietary app that's too useful to have separate is fixed via App Manager.
- Separate profiles, although graphene is supposedly working on it last I heard.

I know apple products are mortal sin on this site, but I’m thankful I switched to iOS a decade ago. I loved my Android phones but I’ll never be assed to do CFW again, and since I don’t use my phone for much, I honestly appreciate the walled garden. Fuck apps. Messaging and basic browsing = phone. Anything else is for Big Screen.
- Great. Now instead of Google, Apple collects your data :)
  
  At least
  gestures to the article we’re commenting on
  THAT doesn’t happen

It's probably because of the bubble I live in, but I most of these apps.
Same here, i hadn’t even heard of Swiggy or Ola or TATA 1mg.
Btw, there was Island on a list there.

I know this happened a few years ago but would having a separate work profile through Shelter, Island, or Insular limit the app to only see those on the profile?
- Yes, it would. Those basically create sandboxes.
  
  That's what I assumed. Thanks for confirming.

Everyone
\ All
On some versions of Android
\ Mostly Indian apps
\ Workarounds exist
\ Workaround only works for checking a hardcoded list of apps, and can't check all your apps
Informative article, but damn the clickbait

23 comments