1027
Google’s ‘Secret’ Update Scans All Your Photos (www.forbes.com)
submitted 2 months ago by ad_on_is@lemm.ee to c/technology@lemmy.world
219 comments fedilink hide all child comments

Per one tech forum this week: “Google has quietly installed an app on all Android devices called ‘Android System SafetyCore’. It claims to be a ‘security’ application, but whilst running in the background, it collects call logs, contacts, location, your microphone, and much more making this application ‘spyware’ and a HUGE privacy concern. It is strongly advised to uninstall this program if you can. To do this, navigate to 'Settings’ > 'Apps’, then delete the application.”

you are viewing a single comment's thread
view the rest of the comments
[-] kattfisk@lemmy.dbzer0.com 32 points 2 months ago

To quote the most salient post

The app doesn't provide client-side scanning used to report things to Google or anyone else. It provides on-device machine learning models usable by applications to classify content as being spam, scams, malware, etc. This allows apps to check content locally without sharing it with a service and mark it with warnings for users.

Which is a sorely needed feature to tackle problems like SMS scams

[-] throwback3090@lemmy.nz 9 points 2 months ago

Why do you need machine learning for detecting scams?

Is someone in 2025 trying to help you out of the goodness of their heart? No. Move on.

[-] kattfisk@lemmy.dbzer0.com 4 points 1 month ago

Blaming the victim solves nothing.

Scamming is a rapidly growing industry that is becoming more professional and specialized all the time. Anyone can be scammed.

[-] desktop_user 5 points 2 months ago

if the cellular carriers were forced to verify that caller-ID (or SMS equivalent) was accurate SMS scams would disappear (or at least be weaker). Google shouldn't have to do the job of the carriers, and if they wanted to implement this anyway they should let the user choose what service they want to perform the task similar to how they let the user choose which "Android system WebView" should be used.

[-] kattfisk@lemmy.dbzer0.com 1 points 1 month ago

No, that wouldn't make much difference. I don't think I've seen a real world attack via SMS that even bothered to "forge" the from-field. People are used to getting texts from unknown numbers.

And how would you possibly implement this supposed "caller-id" for a field that doesn't even have to be set to a number?

[-] desktop_user 0 points 1 month ago

caller id is the thing that tells you the number. it isn't cheap to forge, but it's the only way a scan could reasonably effect anyone with more than half a brain. there is never a reason to send information to an unknown SMS number, or click on a link from a text message from an unknown number.

[-] cley_faye@lemmy.world 2 points 2 months ago

You don't need advanced scanning technology running on every device with access to every single bit of data you ever seen to detect scam. You need telco operator to stop forwarding forged messages headers and… that's it. Cheap, efficient, zero risk related to invasion of privacy through a piece of software you did not need but was put there "for your own good".

[-] zlatko@programming.dev 4 points 2 months ago

I will perhaps be nitpicking, but... not exactly, not always. People get their shit hacked all the time due to poor practices. And then those hacked things can send emails and texts and other spam all they want, and it'll not be forged headers, so you still need spam filtering.

this post was submitted on 27 Feb 2025
1027 points (100.0% liked)

Technology

69449 readers
3424 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws