Google’s latest flagship smartphone raises concerns about user privacy and security. It frequently transmits private user data to the tech giant before any app is installed. Moreover, the Cybernews research team has discovered that it potentially has remote management capabilities without user awareness or approval.

Cybernews researchers analyzed the new Pixel 9 Pro XL smartphone’s web traffic, focusing on what a new smartphone sends to Google.

“Every 15 minutes, Google Pixel 9 Pro XL sends a data packet to Google. The device shares location, email address, phone number, network status, and other telemetry. Even more concerning, the phone periodically attempts to download and run new code, potentially opening up security risks,” said Aras Nazarovas, a security researcher at Cybernews…

… “The amount of data transmitted and the potential for remote management casts doubt on who truly owns the device. Users may have paid for it, but the deep integration of surveillance systems in the ecosystem may leave users vulnerable to privacy violations,” Nazarovas said…

  • Vik@lemmy.world
    link
    fedilink
    English
    arrow-up
    6
    arrow-down
    1
    ·
    1 month ago

    out of interest, what use cases do you have in mind that require root access?

    I used to use a root based solution to block ads system wide via hosts but now I just use ublock origin in Firefox.

    • FuzzyRedPanda@lemm.ee
      link
      fedilink
      English
      arrow-up
      4
      ·
      edit-2
      1 month ago

      AdAway, AFWall+ (for restricting network access to apps), Root File Explorer (needed to get my watch working with GadgetBridge), Permission Manager X, Xposed Edge Pro (for hardware keys remapping), Pixels (for a hardware display fix)

      • Vik@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        ·
        1 month ago

        Adaway was what I used prior to ublock origin on Firefox. The network access toggles can be found directly in ROMs like Calyx Grapene, Lineage, Divest, though I’m not sure if they’re widely seen elsewhere.

        I know the process you’re referring you WRT gadgetbridge. I used to do the same thing until I switched to a pinetime.

        I’m not familiar with permission manager X. Does that deviate from the android permissions framework in some way?

        Can you tell me more about the hardware tweaks?

        • FuzzyRedPanda@lemm.ee
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 month ago

          Permission Manager X gives the user fine grain control over pretty much every permission an app has, moreso than the built in Android permissions settings. I was trying to use it to keep certain apps from starting automatically at boot.

          As far as the hardware tweaks, my Xperia has an “assistant button” on the side of the phone, but since I don’t use google assistant or anything, Xposed Edge Pro lets me remap it to do basically anything, even when the screen is off. I have it set to play/pause my music even when the screen is off, but only if headphones are connected.

          • Vik@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 month ago

            I see. I admit I sorely missed the app startup at boot control permission (app ops) toggle when it was removed from the Android permissions framework, but the new power and background software management framework eliminates the need for it.

            Also damn, you have a modern xperia? Hardware wise they are massively appealing to me. They have nearly all of the HW amenities I can think of (SD card slot, headphone jack, dedicated FP reader / button, notification LED, no camera cutout).

            If they supported bootloader relocking with sself signed keys, they’d be the perfect phone for me.

            I made the admittedly difficult discussion to move to a Pixel so I could use some of the most private and secure software possible on android with little effort or thought behind it.

            I sorely miss my headphone jack but at least I feel like I can depend on this tiny computer to not fuck me over with unfettered personal data collection (and save a lot of power in doing so, I suppose).

    • MasterBuilder@lemmy.one
      link
      fedilink
      arrow-up
      1
      ·
      29 days ago

      That only blocks for the browser. What about your apps? I never see add banners or popups in apps as i use adaway. Further, I can customize with well maintained blocklists that include other categories like malware and harvesting sites.

    • grue@lemmy.world
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      11
      ·
      1 month ago

      what use cases do you have in mind that require root access?

      Ownership.