Hacker News new | past | comments | ask | show | jobs | submit login
Ask HN: How much is Google collecting and keeping on Android if not signed in?
165 points by privacyisntdead 16 days ago | hide | past | favorite | 52 comments
From a privacy perspective, how much does not signing into a Google account help at device setup?

Thinking about picking up a 5a but CalyxOS isn’t ready for it yet.




If you install TrackerControl, no root needed (it pretends to be a VPN to capture your traffic, but is not a real VPN), you will see which apps try to talk to tracking services and thus also which ones talk to Google.

It also as a 'traffic log' feature which, when turned on, shows live which app is talking to which tracker.

Note that, especially if you turn on blocking services marked as essential in the setup, you will need to unblock a lot of CDNs and tracking services for many apps to work including Spotify, your browser, etc. Of course you can also just whitelist apps completely, or temporarily turn all blocking off altogether. But by default it will block trackers, since that's kind of its point. This has the side effect of blocking virtually all advertisements.


Thanks for the recommendation.

If anyone else is interested, the app's website is https://trackercontrol.org


Is there an iOS equivalent? 1Blocker and Lockdown seem close but not as good.


Check out the Guardian app. Founded by Will Strafach (aka Chronic, famous for the early iPhone jailbreak scene).

https://guardianapp.com/


I installed this and when I turn it on it stops all internet access to any app needing to access the internet. For example my podcast app immediately stops working.


> Note that, especially if you turn on blocking services marked as essential in the setup, you will need to unblock a lot of CDNs and tracking services for many apps to work including Spotify, your browser, etc. Of course you can also just whitelist apps completely, or temporarily turn all blocking off altogether. But by default it will block trackers, since that's kind of its point. This has the side effect of blocking virtually all advertisements.

Might be time to consider a different Podcatcher.


I'm using AttennaPod from FDroid store. Assuming that means it might be podcast specific.


Also using AntennaPod from F-Droid here: it gets its data from CDNs. The CDN is in a position to log data from a lot of people, that's why I think they are on the block list.

It depends on which podcasts you listen to which services you need to unblock I think. The 'essential' category is usually a good starting point but you might need more, especially for the search which iirc comes from Apple/iTunes.

You can also just whitelist AntennaPod completely of course, being an open source app from F-Droid that's relatively trustworthy.


Did you enable "Block essential data sharing" during initial setup?


And don't download the crippled play store version, go and get it from the source


Disclaimer: I work at Google. In cloud, not on Android.

I am privacy conscious so I though I would give a try at Graphene OS, it was brutal. It was overall stable and the stock android R was refreshing. The app selection available through F-droid was very limiting and the quality of apps was a struggle compared to those in the app store.

I wish there was some incentive for the better apps to open source and publish on F-droid. I donate to many apps on Patreon, should I just message to the devs and ask them to go open source and publish on f-droid?


Gotta step in as a GrapheneOS User. You have multiple options.

The easiest and most approachable one is: install Aurora Store from F-Droid. It gives you access to Google Play + App Updates without logging you into Google. This almost feels identical to Google Play itself.

Next: think about install the Experimental GMS Support that GrapheneOS offers. If you e.g. absolutely need an App that has troubles working without Google SDKs embedded, this might be an option. This is documented in the Usage Guide of the Website.

https://grapheneos.org/usage

However, just dont forget that you wanted a Google-FREE Phone. So dont overdo installing proprietär stuff.

Oh and stay as far away from MicroG as possible, it seriouly cripples the security of GrapheneOS by a lot.


> Oh and stay as far away from MicroG as possible, it seriouly cripples the security of GrapheneOS by a lot.

Doesn't this severely limit which apps you can install?


Severely? Not even close.


> Oh and stay as far away from MicroG as possible, it seriouly cripples the security of GrapheneOS by a lot.

I'm using MicroG on an unrooted stock Android just to be able to use Youtube Vanced.

What am I risking here?


> stay as far away from MicroG as possible, it seriouly cripples the security of GrapheneOS by a lot.

Do you mind sharing some details on this? I did not hear strong statements like this one before.


IIRC It requires allowing apps to mimic other app's signatures and pretend to be them, "signature spoofing". MicroG mimics the Google play services signature.

But that is really crippling, because apps can now spoof other apps signatures, essentially apps can pretend to be other apps. That opens a lot of opportunities for an attacker.


With the set of patches used eg in lineageos4microg, spoofing is restricted to the microG core app.


You're still taking a risk. its a risk that I won't take but you're welcome to for the sake of convenience.


> The app selection available through F-droid was very limiting and the quality of apps was a struggle compared to those in the app store.

That's funny because I would say the exact opposite. On the Play store it's extremely easy to accidentally install apps that have nothing to do with what you were looking for, never mind the absolute garbage it helpfully suggests on the start screen.

First thing I tell people around me is to get Fdroid and look there first. Seems much safer to me.


Off topic question, but what is the sentiment towards employees who want to protect their privacy at Google?


They didn't encrypt comms between DC's until after 2013.

Easy guess, it seems.


  > I donate to many apps on Patreon, should I just message to
  > the devs and ask them to go open source and publish on f-droid?
Yes, you should. This is actually a very effective measure.


> should I just message to the devs and ask them to go open source and publish on f-droid?

Yes!


> I donate to many apps on Patreon, should I just message to the devs and ask them to go open source and publish on f-droid?

Definitely! In addition, offering your time to set up the F-Droid build pipeline would go a long way


Google has a track record of pushing out Google-y spyware through software update channels. Whatever assumptions you're making based off Android's *current* behaviors, it's not safe to assume they'll hold.

https://news.ycombinator.com/item?id=18064537 ("Chrome 69 will keep Google Cookies when you tell it to delete all cookies")

https://news.ycombinator.com/item?id=24817304 ("Chrome exempts Google sites from user site data settings")

https://news.ycombinator.com/item?id=20044430 ("Google to restrict modern ad blocking Chrome extensions to enterprise users")

https://news.ycombinator.com/item?id=17942252 ("Tell HN: Using Gmail? You will be force logged into Chrome")


Depends on the ROM. AOSP barely has any Google on it compared to "stock" Android; it uses Google services for system resources like DNS, time synchronization, cert stores updates, etc. This is configurable. Of course, it uses Google servers for updates.

I believe that webviews and such use Google Safe Browsing.

AOSP doesn't have Google Play Services at all. There's a trivial amount to "de-google".

I'd recommend looking into GrapheneOS too once it gets 5a support.


If you're looking for security today, you can get away with a cheap 3aXL web installed with Graphene, for under 150 USD.


Link?


Like Pixel 5a?


"Privacy perspective" is way too ambiguous. Can you describe what specific things you want to protect from ?


Adding layers of difficulty to vacuuming up my data.

Protections from spying on emails, texts, right to be forgotten, geofencing warrant grab all’s.


> Protections from spying on emails

Do you mean your email inbox ? If so, if you're not signed in, there's nothing here for Google to know. If you're using gmail, obviously when you access your gmail from your phone, Google would know. Either you're using gmail or not. Obviously, emails you send to other gmail users, Google has access to them through other's inboxes, but that is completely independent from your device choice. So I'm not sure what exactly you're worried w.r.t. your device setup.

> texts

If you're not signed in, but using Google backed RCS as SMS/text, then Google won't have access to your message if using end-to-end (for non-group messages). If you're using group messages, they are not end-to-end encrypted.

> right to be forgotten

I'm not sure what you mean, w.r.t. phone device. Care to elaborate ?

> geofencing warrant grab all’s

If you're doing Google searches, they would be subject to geofencing warrant, albeit Google won't know who you are, just that a particular type of device with a particular ip address issued a particular query (and if you shared your location with Google, they would know more fine-grained location but obvious assumption here is you wouldn't do that), but that's no different from any device you use.


> geofencing warrant grab all’s

You are going to have to go pull the SIM and service, and keep your phone in a faraday bag as well. All the network providers do these, along with real time location tracking.


considering how cheap storage is vs how much money Google has, it's safe to assume the worst IMO


I don’t if it’s still the case , but in stock ROM Androids it would track your location history even with location services turned off.

https://www.wired.com/story/google-location-tracking-turn-of...


That article is about turning "location history" off, not turning "location services" off.

Full disclosure I work at Google but nothing related to that.


It shouldn't take a Google employee to tell all those location options apart.


Apparently journalists at wired can't tell the difference.


With a stock, store bought android rom with google play services and such?

It might help anonymize your device.

If you sign into a network regularly that you use with devices you sign into google with, or a network google associates you.with, they might correlate you with the device.

If you follow your normal routine of locations, browsing or other behaviour google is aware of, google may associate the device with what it knows about you.

It's kind of hard to say though, Google's data collection is somewhat opaque in regards to things it collects to associate you to other things.

I have noticed a few occasions where google has given me suggestions or ads based on searches i've made or on devices that I'm not signed into or associated me with data available only from such devices, other times not.

This is just anecdotal though so make of it what you will.


Good but who are "you" to google? Unless you sign in, you are just number on which they have data but not tied to an account. Right?


You are only "just [a] number" for a very brief period. As soon as you generate enough data points[1] to establish a recognizable subset of your pattern-of-life, the not-signed-in account can (and probably will) be correlated with your other accounts, some of which probably have data that identifies the real "you".

One of the most common mistakes people make when discussing the data collected by someone like Google is only considering the data in isolation. In reality, data is often combined with other databases.

[1] The minimum number of data points might can be very small: handful of timestamped locations at your home and job is probably unique, matching browser fingerprints if you used the same browser for logged-in and not-logged-in activity, or - as this is Google and their OS - maybe even simply a single even: hearing a MAC address known to be om your home wifi over the radio.


Someone with more writing and artistic skills really should make a comic strip or something about this. One we could share with less technical people.

Even technical people really don't seem to understand how far data aggregation can go. Multiple small information points are collated into profiles, you need to be Jason Bourne -levels of vigilant to not create a trackable fingerprint online.


An informative comic would be great. I have unsuccessfully tried to create a video game mechanic (ludonarrative) that demonstrates how data aggregation can be exploited. Giving people a little bit of personal experience on the other side trying to [ab]use data could be a very effective teaching tool. I suspect most people (including, as you mentioned, most technical people!) have never really thought about how personal data might be used as a weapon.

The amazing game "Papers, Please" demonstrated that a game based around an educational ludonarrative is not only possible, but can also be be relatively popular. Unfortunately, just like drawing, video game design is difficult.

> you need to be Jason Bourne -levels of vigilant to not create a trackable fingerprint online.

As Zoz said, "Don't Fuck It Up!"[1]. Any type of OPSEC has become extremely difficult. Even technically knowledgeable people that risk consequences of failure far worse than being tracked by Google screw up their OPSEC.

[1] https://www.youtube.com/watch?v=J1q4Ir2J8P8


https://desfontain.es/privacy/us-census-reconstruction-attac... is a pretty good explanation on those concepts.


yes. exactly. i guess xkcd must have already done something on this given the depth of knowledge that guy has on the internet. if nothing, if anyone knows that guy, he can do it in 3 panels i'm sure.


how far does pi-hole and similar tech help in this regard? i am genuinely curious about their role in reduction in data collection or at least preventing its exfiltration


I bought a moto g30 for this reason that it is stock android. Do not have a google account so haven't signed in. I do believe by disabling a lot of google crap, using newpipe any data google does take from my phone is stuck behind a "user #37484774" or something. My name is not tied to any online account so who cares.

Oh, BTW I use pihole at home so tracking is minimized even more


Isn't 5a the same hardware as 4a 5G for the most part? CalyxOS, RattlesnakeOS, and GrapheneOS should have support for it soon.

Edit: Here you go https://gitlab.com/CalyxOS/calyxos/-/issues/642


You may want to read this article, I am sure there are other academic sources about what is transmitted.

https://www.scss.tcd.ie/Doug.Leith/pubs/contact_tracing_app_...


You can completely remove Google packages with ADB. There are tools for that.

I would be more concerned about vendor packages. For example stock weather widget uses GPS and pinks servers, even when not in use...


I have a stock android phone but use wireguard and a pihole for DNS. It blocks something like 70% of all request but my phone works without issues.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: