209
submitted 1 month ago by gytrash@feddit.uk to c/degoogle@lemmy.ml

Google's latest flagship smartphone raises concerns about user privacy and security. It frequently transmits private user data to the tech giant before any app is installed. Moreover, the Cybernews research team has discovered that it potentially has remote management capabilities without user awareness or approval.

Cybernews researchers analyzed the new Pixel 9 Pro XL smartphone’s web traffic, focusing on what a new smartphone sends to Google.

“Every 15 minutes, Google Pixel 9 Pro XL sends a data packet to Google. The device shares location, email address, phone number, network status, and other telemetry. Even more concerning, the phone periodically attempts to download and run new code, potentially opening up security risks,” said Aras Nazarovas, a security researcher at Cybernews...

... “The amount of data transmitted and the potential for remote management casts doubt on who truly owns the device. Users may have paid for it, but the deep integration of surveillance systems in the ecosystem may leave users vulnerable to privacy violations,” Nazarovas said...

you are viewing a single comment's thread
view the rest of the comments
[-] Tazerface@sh.itjust.works 15 points 1 month ago

I don't know about Calyx or Iode but Lineage doesn't allow for a locked bootloader. This is a massive security hole and without security, sooner or later, your privacy will be violated.

Currently, GrapheneOS on a newer Pixel are the only phones that Celebrite can't breach. Celebrite machines are cheap enough that the border guards and your local cops probably have one. In my country, it's the law that a cop is allowed to examine a phone during a traffic stop.

[-] Chulk@lemmy.ml 1 points 3 weeks ago

In my country, it's the law that a cop is allowed to examine a phone during a traffic stop.

One underrated feature of the Graphene OS is that you can set a duress PIN that wipes your entire phone when entered.

[-] Tazerface@sh.itjust.works 1 points 3 weeks ago* (last edited 3 weeks ago)

I have the duress pin/password set, the pin is written on a post-it in the case.

I should clarify, the cop can give the phone a once over but not connect to a machine or clone the phone. Cloning is a bit more involved - legally speaking.

[-] Chulk@lemmy.ml 1 points 3 weeks ago

Oh, I was mostly leaving the comment for other people who might be interested in the feature.

the pin is written on a post-it in the case.

That's not a bad idea. If someone steals the phone, they might inadvertently erase it for you if they find that post-it.

this post was submitted on 03 Oct 2024
209 points (97.7% liked)

DeGoogle Yourself

7743 readers
3 users here now

A community for those that would like to get away from Google.

Here you may post anything related to DeGoogling, why we should do it or good software alternatives!

Rules

  1. Be respectful even in disagreement

  2. No advertising unless it is very relevent and justified. Do not do this excessively.

  3. No low value posts / memes. We or you need to learn, or discuss something.

Related communities

!privacyguides@lemmy.one !privacy@lemmy.ml !privatelife@lemmy.ml !linuxphones@lemmy.ml !fossdroid@social.fossware.space !fdroid@lemmy.ml

founded 4 years ago
MODERATORS