I recently asked the /c/Android community what information Google has access to on stock Android, assuming the user is not using any Google apps, and was told Google has full “unstoppable” access to the entire device, including Signal messages, the microphone, duckduckgo search history and anything displayed on the screen at all times.

Does this mean that encrypted messaging is essentially pointless to use on Android? I’m a newb here so go easy on me.

  • who@feddit.orgEnglish
    29·
    19 hours ago

    Google has the capability to read everything that you can read on an Android phone, unless you have taken steps to remove all Google-controlled components that have system-level privileges. Last time I checked, this included Google Play Services, which are installed by default on most Android phones.

    Note that messengers with end-to-end encryption, like Signal, cannot protect against an adversary with full access to your device.

    This is part of why people de-Google their phones, which usually means replacing the entire OS with something like LineageOS or GrapheneOS.

    • Jediwan@lemy.lolOP
      34·
      18 hours ago

      So just to confirm the answer to my question question: Its pointless to use encrypted messaging on an Android device?

      • ragas@lemmy.ml
        5·
        11 hours ago

        It is not pointless.

        1. You still make everyone else unable to read your messages.
        2. Even though google can in theory read everything, it depends on how shady they are and definitely is illegal in some countries for them to actually do read everything.
      • who@feddit.orgEnglish
        18·
        17 hours ago

        So just to confirm the answer to my question question: Its pointless to use encrypted messaging on an Android device?

        Of course not. End-to-end encrypted messaging protects against eavesdroppers in transit. It’s an opaque envelope.

        (Edit: Keep in mind that Google is not the only potential eavesdropper out there.)

        What it cannot do is protect a message from someone reading over your shoulder when you write a message or open an envelope. On mainstream Android, that could be Google, if they choose to abuse their system-level access. On iOS, it could be Apple. And so on.

        Those companies might be eavesdropping on sent/received messages already, either at a large scale or in a minority of cases, or regionally, or they might not be doing it at all… yet. But they have the capability. You’ll have to decide for yourself whether that risk is acceptable.

        • James R Kirk@startrek.websiteEnglish
          2·
          17 hours ago

          End-to-end encrypted messaging protects against eavesdroppers in transit.

          But if the ENDS are both compromised… I wish there were more/better custom ROMS out there. Hopefully Linux Phone gets some love.

          • who@feddit.orgEnglish
            4·
            14 hours ago

            But if the ENDS are both compromised…

            If either end is compromised, then there is someone reading over the proverbial shoulder, and the conversation should be considered compromised.

            Hopefully Linux Phone gets some love.

            That would be a welcome step in the right direction, as would open hardware.

      • corvus@lemmy.ml
        43·
        14 hours ago

        If you use stock android and proprietary software, YES. Everything you type can be recorded before it’s encrypted.