Talk:Android Data Collection: Difference between revisions
Add topicLatest comment: 29 November 2025 by Rudxain in topic 3p section
m linkify PP |
m add more links |
||
| Line 4: | Line 4: | ||
*[https://peabee.substack.com/p/everyone-knows-what-apps-you-use Here] you can see how apps bypass play-store policies to enumerate almost all installed apps. Outside of play-store, there's no such policy, so [https://developer.android.com/reference/android/Manifest.permission#QUERY_ALL_PACKAGES <code>QUERY_ALL_PACKAGES</code>] can be abused. | *[https://peabee.substack.com/p/everyone-knows-what-apps-you-use Here] you can see how apps bypass play-store policies to enumerate almost all installed apps. Outside of play-store, there's no such policy, so [https://developer.android.com/reference/android/Manifest.permission#QUERY_ALL_PACKAGES <code>QUERY_ALL_PACKAGES</code>] can be abused. | ||
*The fact that [https://developer.android.com/reference/android/Manifest.permission#INTERNET INTERNET] is not a [https://developer.android.com/guide/topics/permissions/overview#runtime "dangerous"] permission, is no surprise because gluegle loves ads. This forces users to install apps such as [https://play.google.com/store/apps/details?id=eu.faircode.netguard NetGuard], which [[Talk:Google#they_REALLY_despise_ad-blockers | gluegle forbids from blocking host-names simply because it can be used to block ads]] | *The fact that [https://developer.android.com/reference/android/Manifest.permission#INTERNET INTERNET] is not a [https://developer.android.com/guide/topics/permissions/overview#runtime "dangerous"] permission, is no surprise because [[Google|gluegle]] loves ads. This forces users to install apps such as [https://play.google.com/store/apps/details?id=eu.faircode.netguard NetGuard], which [[Talk:Google#they_REALLY_despise_ad-blockers | gluegle forbids from blocking host-names simply because it can be used to block ads]] | ||
Apps like [https://play.google.com/store/apps/details?id=com.finalwire.aida64 AIDA64] and [https://github.com/MuntashirAkon/AppManager AppManager] can access '''a lot more''' info about the device, by default, which implies that other apps can abuse permissions to do '''excessive [[Device_fingerprint|fingerprinting]]'''. | Apps like [https://play.google.com/store/apps/details?id=com.finalwire.aida64 AIDA64] and [https://github.com/MuntashirAkon/AppManager AppManager] can access '''a lot more''' info about the device, by default, which implies that other apps can abuse permissions to do '''excessive [[Device_fingerprint|fingerprinting]]'''. | ||
| Line 11: | Line 11: | ||
:BTW, any app can bypass VPN-based firewalls (such as NetGuard) by simply using gluegle "Play Services" (or almost any other app with internet access) as a "middle-man", which allows them to do telemetry. | :BTW, any app can bypass VPN-based firewalls (such as NetGuard) by simply using gluegle "Play Services" (or almost any other app with internet access) as a "middle-man", which allows them to do telemetry. | ||
:Neither of whatsapp or disbloat disclose their use of [[Google Mobile Services|GPS/GMS]], look at their privacy-policies: | :Neither of [[WhatsApp|whatsapp]] or [[Discord|disbloat]] disclose their use of [[Google Mobile Services|GPS/GMS]], look at their privacy-policies: | ||
:* https://discord.com/privacy only mentions "Google" once, and only referring to its cloud hosting | :* https://discord.com/privacy only mentions "Google" once, and only referring to its cloud hosting | ||
:* https://www.whatsapp.com/legal/privacy-policy only mentions its backup service | :* https://www.whatsapp.com/legal/privacy-policy only mentions its backup service | ||
:Those PPs are the only ones linked by their respective apps, so they're not "only for the web version", they also apply to their OS-specific apps, so they must disclose GMS [[User:Rudxain|Rudxain]] ([[User talk:Rudxain|talk]]) 15:34, 29 November 2025 (UTC) | :Those PPs are the only ones linked by their respective apps, so they're not "only for the web version", they also apply to their OS-specific apps, so they must disclose GMS [[User:Rudxain|Rudxain]] ([[User talk:Rudxain|talk]]) 15:34, 29 November 2025 (UTC) | ||
Latest revision as of 15:40, 29 November 2025
3p section
[edit source]We need a section about third-party tracking.
- Here you can see how apps bypass play-store policies to enumerate almost all installed apps. Outside of play-store, there's no such policy, so
QUERY_ALL_PACKAGEScan be abused. - The fact that INTERNET is not a "dangerous" permission, is no surprise because gluegle loves ads. This forces users to install apps such as NetGuard, which gluegle forbids from blocking host-names simply because it can be used to block ads
Apps like AIDA64 and AppManager can access a lot more info about the device, by default, which implies that other apps can abuse permissions to do excessive fingerprinting.
Rudxain (talk) 12:15, 13 November 2025 (UTC)
- BTW, any app can bypass VPN-based firewalls (such as NetGuard) by simply using gluegle "Play Services" (or almost any other app with internet access) as a "middle-man", which allows them to do telemetry.
- Neither of whatsapp or disbloat disclose their use of GPS/GMS, look at their privacy-policies:
- https://discord.com/privacy only mentions "Google" once, and only referring to its cloud hosting
- https://www.whatsapp.com/legal/privacy-policy only mentions its backup service
- Those PPs are the only ones linked by their respective apps, so they're not "only for the web version", they also apply to their OS-specific apps, so they must disclose GMS Rudxain (talk) 15:34, 29 November 2025 (UTC)