What's the deal with Android "keyboards"? Why is it just an app that you can install? And why can it have more functionality/permissions from the OS beyond just being a local keyboard? As an iOS user this is very bizarre and foreign to me.
I feel like every time the topic of Android keyboards (again, why is this a thing?) comes up it's some kind of big spyware thing. Seems like most every app on Android and iOS is spyware anyway, of course.
Unlike iOS pretty much every part of the Android OS is replaceable. There is technically no "unified" version of Android, each Android phone manufacturer has their own unique spin on it, and since its open source, or at least most of it is, anyone can make their own version. For example: Lineage OS, /e/OS, and Graphene OS.
As someone that hasn't drank that Apple flavoured Kool-aid, I can't understand why people thinking the inabality to use a device you own in the way you want to is considered a feature.
All aspects of android (pretty much) are customisable. It's not the os that is the problem, but the developers who program on all this telemetry.
There keyboards on android are much more useful than what's available on iOS. There is a similar issue with launchers. They, by their nature, need more access to other apps and more permissions. In most cases, that means more features, but meta and Microsoft have launchers too...
I use android and iOS. I find both good but the customisable nature of android is what drove me away from iOS.
For an aac user, it can be super helpful to be able to install a custom communication system as a keyboard as then they can use it with all the other apps. The keyboard apps have the same disclosures as all the others and you should avoid giving it the ability to export data with access to the Internet. Really any app can do this while you're in it and ask those name brand apps you bank with or whatever are made by third parties and could be logging anything to anywhere if no one bothered to check.
That said, I am unhappy with how android play store has never allowed you to filter apps by permission and has made it harder and harder to even see what permissions an app will request or "require". The permissions system is so good, should be made more fine-grained but instead they seem focused on "data safety statements" that are just cya for the platform as far as I can tell.
You need something that can watch/report your Internet traffic around the clock and selectively "fail" dns lookups you don't like or something. I think iPhone does have something like this built in?
So when the Chinese do it it's scary, but when the Americans do it it's just "established practice"?
Naomi Wu has literally been talking about pwnd Chinese IMEs for years in her sidechannel critiques of Signal.
Imagine willingly installing a keylogger, lol
Can you point to where it says that in the report? It actually says:
an IME will commonly reach out over the network to a cloud-based service for suggestions if suitable suggestions are not available in the input method’s local database.
So it doesn't send "every key typed".
Until you realized what sequence of letters most commonly not have any suggestion. That's right, when you type your password.
This is a most excellent place for technology news and articles.
