Per one tech forum this week: “Google has quietly installed an app on all Android devices called ‘Android System SafetyCore’. It claims to be a ‘security’ application, but whilst running in the background, it collects call logs, contacts, location, your microphone, and much more making this application ‘spyware’ and a HUGE privacy concern. It is strongly advised to uninstall this program if you can. To do this, navigate to 'Settings’ > 'Apps’, then delete the application.”
You must log in or # to comment.
SafetyCore Placeholder so if it ever tries to reinstall itself it will fail due to signature mismatch.
I struggle with GitHub sometimes. It says to download the apk but I don’t see it in the file list. Anyone care to point me in the right direction?
There’s an app called obtainium that let’s you link the main page of github apps and manages both the download, the instalation and the updates of those apps.
Great if you want the latest software directly from the source.
Thanks! Til
I didn’t understand the value of fdroid all since it feels like a web wrapper. Thanks to you finally pulled the trigger on Obtanium. Omg that’s simple af
It’s a web wrapper that points to a non-Google software repo.
The non-Google software repo is the important part, the interface can be bad as long as it can install software.
I use Obtanium too, but fDroid is my first stop when I need an app. Google’s Play store is a last resort.
Droid-ify and Neo-Store are alternative clients for the F-Droid repository (and other repos), that you may like better than the official client. But yeah, Obtainium is indeed simple and it’s powerful if you already know exactly which app you want to install (rather than searching for relevant options in some repositories).
Scroll down to releases.
Got it, thanks!
At the bottom of the page, it says releases - click on the release that’s there, and that’s where you’ll find the all.
I haven’t been able to install it though due to signature mismatch, I’m not sure why…
Awesome, thanks! You didn’t install a previous version did you? Apparently you can’t update to the current version due to the signature issue.
Click on the “releases” link
Wow that’s actually genius thank you
Amazing, thank you. I have uninstalled this bs twice now and have so far been spared by another force install. I hope this works
Thank you for sharing!
Google says that SafetyCore “provides on-device infrastructure for securely and privately performing classification to help users detect unwanted content. Users control SafetyCore, and SafetyCore only classifies specific content when an app requests it through an optionally enabled feature.”
GrapheneOS — an Android security developer — provides some comfort, that SafetyCore “doesn’t provide client-side scanning used to report things to Google or anyone else. It provides on-device machine learning models usable by applications to classify content as being spam, scams, malware, etc. This allows apps to check content locally without sharing it with a service and mark it with warnings for users.”
But GrapheneOS also points out that “it’s unfortunate that it’s not open source and released as part of the Android Open Source Project and the models also aren’t open let alone open source… We’d have no problem with having local neural network features for users, but they’d have to be open source.” Which gets to transparency again.
Graphene could easily allow for open source solutions to emulate the SafetyCore interface. Like how it handles Google’s location services.
There’s plenty of open source libraries and models for running local AI, seems like this is something that could be easily replicated in the FOSS world.
deleted by creator
if there was something that could run android apps virtualized, I’d switch in a heartbeat
Waydroid?
To be clear, I haven’t used it at all and have no idea how well it works.
I gave it a run on Ubuntu touch with a fair phone like 8 months ago… It was still pretty rough then.
I remember reading recently that it’s gotten better (haven’t tried myself so don’t hold me to it). I can say that Wayland in general has come a long way since I switched to Linux ~2 years ago
Tried it on my laptop. Doesn’t work at all
Bummer
Do you mean sandboxed?
not necessarily… I mean If they run under the same VM, I’d be fine with that as well…but having a sandboxed wrapper would for sure be nice.
The Firefox Phone should’ve been a real contender. I just want a browser in my pocket that takes good pictures and plays podcasts.
Unfortunately Mozilla is going the enshittification route more and more. Or good in this case that the Firefox Phone did not take of.
Is there some good Chromium browser with hardware video decoder support and a working adblocker, that is not Brave? Or which Firefox fork is recommended?
I’m sticking with Gecko for sure. Trying out Waterfox over the weekend on desktop, and Fennec F-Droid on my phone.
cromite for chrome, and ironfox for firefox?
deleted by creator
too bad firefox is going through the way like google, they are updating thier privacy terms of usage.
Yep. I’m furious at Mozilla right now. But when the Firefox Phone was in development, they were one of the web’s heroes.
it says its only for LLM? as long as they dont try to expand the “privacy” in any case i download alternatives to the browsers anyways.
I’m mostly just frustrated that the best option has now become merely the lesser evil.
I just gave up and pre-ordered the Light Phone 3. Anytime I truly need a mobile app, I can just use an old iPhone and a WiFi connection.
The app can be found here: https://play.google.com/store/apps/details?id=com.google.android.safetycore
The app reviews are a good read.
Thanks for the link, this is impressive because this really has all the trait of spyware; apparently it installs without asking for permission ?
yea i found it as soon as this article said it was on your phone spying on you, ALSO many people, like myself noticed the battery draining pretty fast too, this is probalby the cause, if it installs without your knowledge, i doubt the app is excluded from your "app battery usage logs to, like it doesnt show up how much power its using.
Smartest Google Defender
broken english too, probably from a paid indian reviewer.
Thanks. Uninstalled. Not that it matters, they already got what they wanted from me most likely.
Apparently I’m a beta tester? How, what? Thanks for the link!
The 5 star reviews are whack
Apparently I’m a beta tester for it, don’t recall signing up for beta tests with it
For people who have not read the article:
Forbes states that there is no indication that this app can or will “phone home”.
Its stated use is for other apps to scan an image they have access to find out what kind of thing it is (known as "classification"). For example, to find out if the picture you’ve been sent is a dick-pick so the app can blur it.
My understanding is that, if this is implemented correctly (a big ‘if’) this can be completely safe.
Apps requesting classification could be limited to only classifying files that they already have access to. Remember that android has a concept of “scoped storage” nowadays that let you restrict folder access. If this is the case, well it’s no less safe than not having SafetyCore at all. It just saves you space as companies like Signal, WhatsApp etc. no longer need to train and ship their own machine learning models inside their apps, as it becomes a common library / API any app can use.
It could, of course, if implemented incorrectly, allow apps to snoop without asking for file access. I don’t know enough to say.
Besides, you think that Google isn’t already scanning for things like CSAM? It’s been confirmed to be done on platforms like Google Photos well before SafetyCore was introduced, though I’ve not seen anything about it being done on devices yet (correct me if I’m wrong).
Doing the scanning on-device doesn’t mean that the findings cannot be reported further. I don’t want others going thru my private stuff without asking - not even machine learning.
Issue is, a certain cult (christian dominionists), with the help of many billionaires (including Muskrat) have installed a fucking dictator in the USA, who are doing their vow to “save every soul on Earth from hell”. If you get a porn ban, it’ll phone not only home, but directly to the FBI’s new “moral police” unit.
the police of vice and virtue, just like SA has.
This is EXACTLY what Apple tried to do with their on-device CSAM detection, it had a ridiculous amount of safeties to protect people’s privacy and still it got shouted down
I’m interested in seeing what happens when Holy Google, for which most nerds have a blind spot, does the exact same thing
EDIT: from looking at the downvotes, it really seems that Google can do no wrong 😆 And Apple is always the bad guy in lemmy
Apple had it report suspected matches, rather than warning locally
It got canceled because the fuzzy hashing algorithms turned out to be so insecure it’s unfixable (easy to plant false positives)
They were not “suspected” they had to be matches to actual CSAM.
And after that a reduced quality copy was shown to an actual human, not an AI like in Googles case.
So the false positive would slightly inconvenience a human checker for 15 seconds, not get you Swatted or your account closed
Yeah so here’s the next problem - downscaling attacks exists against those algorithms too.
Also, even if those attacks were prevented they’re still going to look through basically your whole album if you trigger the alert
And you’ll again inconvenience a human slightly as they look at a pixelated copy of a picture of a cat or some noise.
No cops are called, no accounts closed
The scaling attack specifically can make a photo sent to you look innocent to you and malicious to the reviewer, see the link above
Overall, I think this needs to be done by a neutral 3rd party. I just have no idea how such a 3rd party could stay neutral. Some with social media content moderation.
Per one tech forum this week
Stop spreading misinformation.
If the app did what op is claiming then the EU would have a field day fining google.
graphene folks have a real love for the word misinformation (and FUD, and brigading). That’s not you under there👻, Daniel, is it?
After 5 years of his
anticshateful bullshit lies, I think I can genuinely say that word triggers me.And what exactly does that have to do with GrapheneOS?
Please, read the links. They are the security and privacy experts when it comes to Android. That’s their explanation of what this Android System SafetyCore actually is.
Have you even read the article you posted? It mentions these posts by GrapheneOS
I’ve just given it the boot from my phone.
It doesn’t appear to have been doing anything yet, but whatever.
Yeah no issues here just uninstalling. It hasn’t come back.
I didn’t have it in my app drawer but once I went to this link, it showed as installed. I un-installed it ASAP.
https://play.google.com/store/apps/details?id=com.google.android.safetycore&hl=en-US
I also reported it as hostile and inappropriate. I am sure Google will do fuck all with that report but I enjoy being petty sometimes
Google says that SafetyCore “provides on-device infrastructure for securely and privately performing classification to help users detect unwanted content
Cheers Google but I’m a capable adult, and able to do this myself.
Thank you was able to find and uninstall the app with no issues
Samsung? I was able to on my s23ultra
I just un-installed it
Anyone know what Android System Intelligence does? Should that be un-installed as well?
Jesus Christ they’re like bed bugs
Is it too much to ask that my phone only contain the shit that makes it work, and not anything else?
Its a classic example of using “BUT THE CHILDREN” to be invasive dickheads.
And it immediately reminds me of the story of the guy whose kid had a rash in the diaper area during covid, and the pediatrician requested pictures to remotely diagnose and treat, which google flagged as child pornography and called the cops on him, and banned/locked him out of everything (phone number, emails, pictures, etc etc) because he had everything on google.
and no amount of the police, or even doctor, insisting the pictures were medical necessity and not child pornography would convince google to restore his acount or even let him recover his number/email/pictures/etc.
The fact that Google refused to restore his account even after the police that they called said there was no child porn pisses me off to no end. They are officially allowed to close your account for no reason other than they don’t like you.
not only refused to restore the account, but still insisted he was a pedophile producing child pornography despite the cops and doctors and every other authority involved insisting he wasnt, and that the images were medically necessary, and refuse to even give/let him get a backup of all his family pictures, emails, etc.
and theres gonna be a lot more of it once this stupid invasive spyware rolls out and gets going.
If our parents and grandparents photos were digitized, they’d all probably be labled child porn producers, because almost every parent/grandparent/etc has some picture of their newborn getting a sink bath or some other completely harmless, and otherwise normal photo.
and I think its so they can artificially inflate their numbers. They arent doing shit to stop actual child exploitation, so they hammer hard on this shit so they can make a big show of “cracking down and stopping” it.
First result of DDG search, explains it quite well: https://www.androidauthority.com/android-system-intelligence-3325187/
I’m not seeing it on my S22, but I am seeing system intelligence. What is it?
Thnx for this, just uninstalled it, google are arseholes
Thanks for bringing this up, first I’ve heard of it. Not present on my GrapheneOS pixel, present on stock.
I suppose I should encourage pixel owners to switch from stock to graphene, I know which decide I rather spend time using. GrapheneOS one of course.
I’m traumatized by trying to use banking apps on lineage… don’t think I’ll risk it until I get a backup phone
I’ve looked into it.l briefly. Did you have any issues switching? I’m concerned about how some apps I need would function.
I did a fair amount of research before the switch to find alternatives to Google services, some I’ve replaced, others I felt were too much of a hassle for my phone usage.
I’ve kept my original pixel stock, the hardest part about switching this one over was plugging it in and following the instructions.
I’m hoping to get rid of my stock OS pixel soon, it would appear my bank hasn’t blocked it’s app on Graphene, unlike Uber.
For the rest I’ll either buy a cheap af shitbox to use purely for banking and Uber (if it comes to that).
If you’ve any other questions I’m happy to help find then answers with you, feel free to DM me.
I’d that what’s killing my fucking battery like crazy lately?
I’m curious about this. I’ve got a Pixel 6 and noticed that the battery started going to shit about a month or so ago? I couldn’t find an install date for SafetyCore, but it was listed in my apps. I’ve uninstalled it now. It’ll be interesting to see if that was causing it.
How do you uninstall it?
It doesn’t show in the app drawer, but I found it via the all apps in Settings.
Go to the Settings App > Apps > “See all XX apps”. It’s called Android System SafetyCore, so it should be close to the top of the list. Tap on it and select Uninstall.
Well it looks like I don’t have it. Which is good, unless its hidden and unremovable. My battery app reports up to like 60% of power usage but nothing else. That means that some stupid app in the background is running down my battery for no good reason.
you can search in your settings/app managment(im using a onplus12r though
same here, i was wondering why my Op12r was draining like super fast, for a phone touthing 2+days battery(and im not even playing games or videos on it), yet it was draining as fast as an old pixel phone.
Now that you say that, my battery was draining fast the past couple of weeks. It would last maybe a day. It lasts 2 days again now.
Is there any indication that Apple is truly more secure and privacy conscious over Android? Im kinda tired of Google and their oversteps.
For true privacy you’ll want something like GrapheneOS on a Pixel, with no Google apps or anything. Some other ROM with no gApps as a second choice.
Other than that, Apple SEEMS to be mildly better. I’ll give you an example: Apple pulls encryption feature from UK over government spying demands
While it’s a bad thing that they pull the encryption feature, it’s a good sign - they either aren’t willing or able to add a backdoor for the UK security services. Then there was this case. If the article is to be believed, they started working on security as of iOS 8 so they could no longer comply with government requests. Today we’re on iOS 18.
Apple claims their advertising ID is anonymized so third party apps don’t know who you are. That said, they still have the advertising ID service so Apple themselves do know a whoooooole lot about you - but this is the same with Google.
Then regarding photo scanning - Apple received a LOT of backlash for their proposed photo scanning feature. But it was going to be only on-device scans on photos that were going to be uploaded to iCloud (so disabling iCloud would disable it too) and it was only going to report you if you had a LOT of child pornography on your phone - otherwise it was, supposedly, going to do absolutely nothing about the photos. It wasn’t even supposed to be a categorization model, just a “Does this match known CSAM?” filter. Google and Microsoft had already implemented something similar, except they didn’t scan your shit on-device.
At the end of the day, Apple might be a bit more private, but it’s a wash. It’s not transparent and neither is Google. I like using their devices. Sometimes I miss the freedom of custom ROMs, but my damn banking apps stopped working on Lineage and I couldn’t be arsed to start using the banks’ mobile websites again like I’d done in the past. So I moved to iOS, as Oneplus had completely botched their Android experience in the meantime while I’d been using Lineage so I was kinda pissed at what I had considered one of the last remaining decent Android manufacturers (Sonys are overpriced and I will never own a Samsung, I hate them, I didn’t like my Huawei or Xiaomi much either).
So if you want to run custom ROMs, get a Pixel or something. If not, Apple is as good a choice as Android. A couple of years ago it was the better choice even, as you’d get longer software support, but now the others have started catching up due to all the consumer outrage.
Thanks for the detailed reply dude. This is so thorough.
The short answer is: Apple collects much of the same data as any other modern tech composite, but their “walled garden” strategy means that for the most part only THEY have access to that info.
It’s technically lower risk since fewer parties have access to the data, but philosophically just about equally as bad because they aren’t doing this out of any real love for privacy (despite what their marketing department might claim)
