FUD. Apps cannot listen to the microphone without going through the OS first. I call FUD or share with me this magical OS-bypassing code. Compromising the OS at such a fundamental level on a recent Android version is almost certainly beyond their capabilities. I am more likely to believe the content that inspired this article is more aimed at investors and is blatantly making false claims, and that such claims from the privacy policy are generic disclaimers.
Further, have you ever tried to get an app to consistently run in the background on purpose? It’s an enormous PITA when you actually want this to happen. Android apps do not typically run in the background at all unless they have again special permissions to bypass background restrictions. The OS strongly prefers to pause and eventually kill apps to save battery rather than permit background activities to occur unless they fall into specific categories and then only at specific times to optimize the battery usage.
If an app asks to run in the background all the time, bypass battery restrictions, and you grant it microphone access explicitly, the problem is no longer Android. The problem is the user being stupid by granting access against their own interests. And even then, it’ll still trip the microphone indicator.
No one said they were bypassing the OS. Have you seen the permissions some apps ask for ? Messenger used to straight up refuse to work if it couldn’t access your contacts and what your screen is showing at all times (allegedly to allow their shitty app widget to always display on top of whatever you’re doing). Don’t need a microphone to spy on anyone with that.
To be fair, the Android permission system is crap. I have an app to automate certain things. It requests only the exact permissions required for the actions I have configured. All I want to do is enable auto-rotate if a certain app is in the foreground and set portrait mode otherwise. In order to do that, the app needs full screen reader access and can theoretically see everything that’s on the screen.
That said, I personally don’t believe the Messenger app was well intentioned. But if it were, it may not have a choice but to request these permissisions for legitimate use cases.
True, and the applications are targeting children. Perhaps they’re praying on a user who will grant permissions without asking questions, of which there are many.
Man, I hear you on the persistent background operation. I can’t get my third party watch to stay connected to its home app for a day at a time and at this point I’ve given it all the permissions I’m allowed to give. If it asked for nudes I’d have sent them a portfolio. Doesn’t matter, you need to manually reopen it and resync it multiple times a day.
All recent OSes even visually make it obvious that the microphone is used, after asking the user if they should allow it at all. I don’t think they can actually to more far than this. Maybe regularly ask the user if they really want the microphone to be used all the time.
Agreed on all of that. But, see it from a different perspective, maybe the news need to misinform this way to get people to finally be privacy conscious on their phones. I mean, probably not and it is certainly a terrible way to do so, but maybe it might help that a broader population reevaluates how much they want to share online.
FUD. Apps cannot listen to the microphone without going through the OS first. I call FUD or share with me this magical OS-bypassing code. Compromising the OS at such a fundamental level on a recent Android version is almost certainly beyond their capabilities. I am more likely to believe the content that inspired this article is more aimed at investors and is blatantly making false claims, and that such claims from the privacy policy are generic disclaimers.
Further, have you ever tried to get an app to consistently run in the background on purpose? It’s an enormous PITA when you actually want this to happen. Android apps do not typically run in the background at all unless they have again special permissions to bypass background restrictions. The OS strongly prefers to pause and eventually kill apps to save battery rather than permit background activities to occur unless they fall into specific categories and then only at specific times to optimize the battery usage.
If an app asks to run in the background all the time, bypass battery restrictions, and you grant it microphone access explicitly, the problem is no longer Android. The problem is the user being stupid by granting access against their own interests. And even then, it’ll still trip the microphone indicator.
No one said they were bypassing the OS. Have you seen the permissions some apps ask for ? Messenger used to straight up refuse to work if it couldn’t access your contacts and what your screen is showing at all times (allegedly to allow their shitty app widget to always display on top of whatever you’re doing). Don’t need a microphone to spy on anyone with that.
To be fair, the Android permission system is crap. I have an app to automate certain things. It requests only the exact permissions required for the actions I have configured. All I want to do is enable auto-rotate if a certain app is in the foreground and set portrait mode otherwise. In order to do that, the app needs full screen reader access and can theoretically see everything that’s on the screen. That said, I personally don’t believe the Messenger app was well intentioned. But if it were, it may not have a choice but to request these permissisions for legitimate use cases.
True, and the applications are targeting children. Perhaps they’re praying on a user who will grant permissions without asking questions, of which there are many.
100% correct. There’s a whole field of mobile cybersecurity researchers who would be able to name names and show code if this was true.
The rest of the comment field here saddens me immensely.
Man, I hear you on the persistent background operation. I can’t get my third party watch to stay connected to its home app for a day at a time and at this point I’ve given it all the permissions I’m allowed to give. If it asked for nudes I’d have sent them a portfolio. Doesn’t matter, you need to manually reopen it and resync it multiple times a day.
Problem is that lots of kids have smartphones and dont understand what they are allowing by enabling those permissions.
All recent OSes even visually make it obvious that the microphone is used, after asking the user if they should allow it at all. I don’t think they can actually to more far than this. Maybe regularly ask the user if they really want the microphone to be used all the time.
Agreed on all of that. But, see it from a different perspective, maybe the news need to misinform this way to get people to finally be privacy conscious on their phones. I mean, probably not and it is certainly a terrible way to do so, but maybe it might help that a broader population reevaluates how much they want to share online.