Exploiting the Crack in (Android's) Slab

  • (10pts to Gryffindor if you get the reference but never mind if you don't.)

    Perhaps it's time to get nasty on social media. I don't mean nasty as in ad hominems and other unpleasantnesses, I mean get busy...

    What attracts people to Android? Cheap, choice of phones ... you name it, right?

    How many do actually know what comes with Android. I know the Fairfone advert looked at that (in German?) but we can exploit this elsewhere. In fact, I believe my crew could probably do something if I get the whips out.

    Video aside, there's a couple of things that Android (or ASOS with GAPPS) does that even Apple doesn't do and it's why Google spent so much time and money with vendor-lock in.

    It spies on us. Now you probably know that (why else are you on the UBPorts?) but I'm willing to be that most people have little or no clue just how far down the rabbit hole that goes: and it's deep. Google forces (or strongly suggests) Android users to use everything from their email to their DNS.

    Some of those apps are so deeply embedded into the system that disabling them will break something. Internet Explorer fiasco anyone?

    But wait - DNS? Who cares? DNS is open... only it's not. Google's DNS servers are closed source and we don't know what it stores. We can be sure that it's not doing it out of the goodness of Google's heart though. Google stopped "not being evil" many moons ago.

    "It's Open Source" - only it's not. Sure, it uses the Linux kernel but Google controls a hell of a lot of what makes Android ... Android and despite the efforts of the AOSP, most people get a phone that's basically a data collection system for Google.

    These are cracks in the slab that Google simply cannot deny because they are true. I dare say there are many others so I propose that all you smart folk here produce a list, which we can easily format so Granny can understand, with all the reasons why you should dump Android and Google faster than a hot coal.

    I'll see if I can knock that into a video (unless someone else wants to run with it) but the "paper" version can be spread around and we can help people understand that the phone they think they bought, is selling them down the river every second of every day that it's turned on.

    I was alarmed to see the number of hard-coded (direct IP) addresses that my old handset was sending back home: data that was encrypted so there's no way I could determine what it was.

    Should I be worried? I don't know but this is the sort of fear that will drive people away from Google and Apple and return us to a world where private communication is just that. PRIVATE!

    (The Crack in the Slab is a reference to a level in Dishonored II).

  • I agree with everything that is said here. Social media is the news network for the '10s.

    Just a question...does anyone know whether LineageOS (Cyanogenmod) has any spyware-related properties, if GApps is never installed?

  • Even without GAPPs, there's a lot of problems endemic to Android as a platform. If we stick with FOSS, we're relatively (never 100%) safe.

    The problem with anything that supports Android is the users. Before you can say "Edward Snowden" they're installing all sorts of stuff from dubious sources (cough, Amazon, cough) and we're back to square one. Where there's a quick buck to be made, someone is going to try and exploit it. I don't have a problem with advertising, however I DO have a problem with firms using my data, collating and collecting it to sell me stuff. That's not on. Ironically everything we post on forums is open to bloody Google too. I'm seriously thinking we need obfuscated forums for public use that don't need TOR, etc. to get into them.

    I'm thankful that Ubuntu released this as a open projects and that UBports picked it up. It's a true delight to use. In fact, since I'm relatively competent at Javascript, I might even have a crack at some development. I'll have to do a Scope first though.

  • Banned

    This post is deleted!

  • Damn, that's creepy!

    But assuming that it's real (I don't have any way to check right now) that's certainly something to make people aware of. FUD is how salespeople sell us stuff we neither want nor need.

Log in to reply