Talk:Android Data Collection: Difference between revisions
Latest comment: 29 November 2025 by Rudxain in topic 3p section
mention fingerprinting |
→3p section: Reply |
||
| Line 1: | Line 1: | ||
== 3p section == | ==3p section== | ||
We need a section about third-party tracking. | We need a section about third-party tracking. | ||
* [https://peabee.substack.com/p/everyone-knows-what-apps-you-use Here] you can see how apps bypass play-store policies to enumerate almost all installed apps. Outside of play-store, there's no such policy, so [https://developer.android.com/reference/android/Manifest.permission#QUERY_ALL_PACKAGES <code>QUERY_ALL_PACKAGES</code>] can be abused. | *[https://peabee.substack.com/p/everyone-knows-what-apps-you-use Here] you can see how apps bypass play-store policies to enumerate almost all installed apps. Outside of play-store, there's no such policy, so [https://developer.android.com/reference/android/Manifest.permission#QUERY_ALL_PACKAGES <code>QUERY_ALL_PACKAGES</code>] can be abused. | ||
* The fact that [https://developer.android.com/reference/android/Manifest.permission#INTERNET INTERNET] is not a [https://developer.android.com/guide/topics/permissions/overview#runtime "dangerous"] permission, is no surprise because gluegle loves ads. This forces users to install apps such as [https://play.google.com/store/apps/details?id=eu.faircode.netguard NetGuard], which [[Talk:Google#they_REALLY_despise_ad-blockers | gluegle forbids from blocking host-names simply because it can be used to block ads]] | *The fact that [https://developer.android.com/reference/android/Manifest.permission#INTERNET INTERNET] is not a [https://developer.android.com/guide/topics/permissions/overview#runtime "dangerous"] permission, is no surprise because gluegle loves ads. This forces users to install apps such as [https://play.google.com/store/apps/details?id=eu.faircode.netguard NetGuard], which [[Talk:Google#they_REALLY_despise_ad-blockers | gluegle forbids from blocking host-names simply because it can be used to block ads]] | ||
Apps like [https://play.google.com/store/apps/details?id=com.finalwire.aida64 AIDA64] and [https://github.com/MuntashirAkon/AppManager AppManager] can access '''a lot more''' info about the device, by default, which implies that other apps can abuse permissions to do '''excessive [[Device_fingerprint|fingerprinting]]'''. | Apps like [https://play.google.com/store/apps/details?id=com.finalwire.aida64 AIDA64] and [https://github.com/MuntashirAkon/AppManager AppManager] can access '''a lot more''' info about the device, by default, which implies that other apps can abuse permissions to do '''excessive [[Device_fingerprint|fingerprinting]]'''. | ||
[[User:Rudxain|Rudxain]] ([[User talk:Rudxain|talk]]) 12:15, 13 November 2025 (UTC) | [[User:Rudxain|Rudxain]] ([[User talk:Rudxain|talk]]) 12:15, 13 November 2025 (UTC) | ||
:BTW, any app can bypass VPN-based firewalls (such as NetGuard) by simply using gluegle "Play Services" (or almost any other app with internet access) as a "middle-man", which allows them to do telemetry. | |||
:Neither of whatsapp or disbloat disclose their use of [[Google Mobile Services|GPS/GMS]], look at their privacy-policies: | |||
:* <nowiki>https://discord.com/privacy</nowiki> only mentions "Google" once, and only referring to its cloud hosting | |||
:* <nowiki>https://www.whatsapp.com/legal/privacy-policy</nowiki> only mentions its backup service | |||
:Those PPs are the only ones linked by their respective apps, so they're not "only for the web version", they also apply to their OS-specific apps, so they must disclose GMS [[User:Rudxain|Rudxain]] ([[User talk:Rudxain|talk]]) 15:34, 29 November 2025 (UTC) | |||
Revision as of 15:34, 29 November 2025
3p section
We need a section about third-party tracking.
- Here you can see how apps bypass play-store policies to enumerate almost all installed apps. Outside of play-store, there's no such policy, so
QUERY_ALL_PACKAGEScan be abused. - The fact that INTERNET is not a "dangerous" permission, is no surprise because gluegle loves ads. This forces users to install apps such as NetGuard, which gluegle forbids from blocking host-names simply because it can be used to block ads
Apps like AIDA64 and AppManager can access a lot more info about the device, by default, which implies that other apps can abuse permissions to do excessive fingerprinting.
Rudxain (talk) 12:15, 13 November 2025 (UTC)
- BTW, any app can bypass VPN-based firewalls (such as NetGuard) by simply using gluegle "Play Services" (or almost any other app with internet access) as a "middle-man", which allows them to do telemetry.
- Neither of whatsapp or disbloat disclose their use of GPS/GMS, look at their privacy-policies:
- https://discord.com/privacy only mentions "Google" once, and only referring to its cloud hosting
- https://www.whatsapp.com/legal/privacy-policy only mentions its backup service
- Those PPs are the only ones linked by their respective apps, so they're not "only for the web version", they also apply to their OS-specific apps, so they must disclose GMS Rudxain (talk) 15:34, 29 November 2025 (UTC)