Everyone knows all the apps on your phone
peabee.substack.com
Until a few years ago, any app you installed on an Android device could see all other apps on your phone without your permission.
  • Nate@programming.devEnglish
    26·
    2 days ago

    Seeing people say “GrapheneOS fixes this!” “It’s only on old versions of Android!”

    Device Info HW app that can read my applications

    Permissions requested (viewed in Google Play, lack of any "read applications" permission)

    Permissions granted in settings app, still lacking any "read applications" permission

    This is on a Pixel 8 Pro with the latest version of GrapheneOS. This is an issue and has been for a long time. Many apps detect root by looking for the Magisk package using this method, and many collect this information just for advertising (go ahead, export your Snapchat data)

  • Rai@lemmy.dbzer0.comEnglish
    143·
    2 days ago

    I know apple products are mortal sin on this site, but I’m thankful I switched to iOS a decade ago. I loved my Android phones but I’ll never be assed to do CFW again, and since I don’t use my phone for much, I honestly appreciate the walled garden. Fuck apps. Messaging and basic browsing = phone. Anything else is for Big Screen.

  • kipo@lemm.eeEnglish
    20·
    2 days ago

    Well that was a horrifying read. Is there any software that can protect against this? GrapheneOS? LineageOS? A Magisk module?

    • MonkderVierte@lemmy.ml
      English
      3·
      1 day ago

      Island, Insular, Shelter; apps that allow managing separate profiles.

      My setup: mostly Open Source apps on a custom ROM like LineageOS, the neccessary proprietary apps in shelter, connections managed via,Tracker Control. That one proprietary app that’s too useful to have separate is fixed via App Manager.

    • Kairos@lemmy.todayEnglish
      6·
      2 days ago

      Separate profiles, although graphene is supposedly working on it last I heard.

    • kipo@lemm.eeEnglish
      25·
      2 days ago

      What do you mean? The article is talking about current versions of Android.

    • DaGeek247@fedia.io
      12·
      2 days ago

      The second half of the article talks about how the apps get around this permission requirement.

  • MonkderVierte@lemmy.ml
    English
    3·
    1 day ago

    It’s probably because of the bubble I live in, but I most of these apps.

    Same here, i hadn’t even heard of Swiggy or Ola or TATA 1mg.

    Btw, there was Island on a list there.

  • dev_null@lemmy.mlEnglish
    96·
    2 days ago

    Everyone*
    All***

    *On some versions of Android**
    *Mostly Indian apps
    **Workarounds exist***
    ***Workaround only works for checking a hardcoded list of apps, and can’t check all your apps

    Informative article, but damn the clickbait

  • IllNess@infosec.pubEnglish
    4·
    2 days ago

    I know this happened a few years ago but would having a separate work profile through Shelter, Island, or Insular limit the app to only see those on the profile?