[sbov]

I turned off almost all tracking in Android a while ago, but never scanned the data it collected. I recently looked at what data was associated with my Google account, and there I saw: every voice command I ever issued my phone, and when I used what app. I could see at 9:30am I opened my camera app. I can see I viewed a notification at 9:45am. And so on. I deleted it all, but my guess is it probably still lives somewhere in Google.

I knew they tracked search. I knew they would use my voice usage to make it better. I didn't realize how pathological they were in tracking literally everything I did with my phone and tying it to my account, down to what apps I opened and when. It's creepy as hell.

It really made me want to just exit this whole smartphone shitfest, because I have to assume they're still tracking all this data, just not making it visible. Maybe Apple is better, maybe not. The problem is I can't know for sure, and if they lie - what could I do about it anyways?

[HenryBemis]

I installed NoRoot Firewall, it has a "Access Log" tab, that logs all connections (allowed or block). My phone just didn't shut up'. Every other second some app (that wasn't in the foreground) was talking to some IP. My battery was getting slaughtered and my privacy as well.

I proceeded to disable the "Run in background" almost every application, kept only a handful that are really needed (e.g. Signal). Since then my battery lasts for 3 days, and my "Access Log" only moves minimally.

[refurb]

Question - does stopping apps from running in the background actually help privacy?

Can’t the app just buffer all that data (including time stamps) and just send it when you use it again?

Or is the app truly “turned off”?

[wurst_case]

This is how I do it. I cache everything I need to send and send it when I can. I do it in the context if sales information in places with poor connectivity like music festivals.

[aembleton]

The app can't collect and buffer data if it is not running.

[speeq]

Are you sure? I’m currently learning how to develop apps for Android and during my testing I was surprised that you’re able to send silent data-only notifications to devices, even when the app is closed / removed from the drawer. You’re able to run background functions like update a local SQLite database but I haven’t tried making requests to a backend server yet (my guess is it works too) or accessing any sensors.

[damian2000]

You're totally correct, you can do pretty much anything you want in Android running in the background. But the post you replied to is referring to Stopping an app .. via the app info in settings. In this case it stops the background service component until you launch it manually again. Noone apart from power users and developers would do this though.. most people likely don't know what the stop app function does.

There are OS battery optimisations which kick in eventually though, which result in most non system apps to be stopped automatically to save battery. Once again, they won't startup in the background again until being manually launched. This is my general understanding gained from working for a couple of years on an Android app that runs in the background and receives silent notifications.

[HenryBemis]

I don't develop apps for Android, but I do for iOS. I will assume that my operating systems knowledge though is from Windows/Unix. To use Windows terminology, an app is running either as 'manually launcher's or as a service (system launched). Android (at least my Honor phone and any tablet I ever used) gives me the ability to manually intervene and change the auto-launch and the background running. I windows that would be things found (and 'killed') in SysInternals AutoRuns.

I don't leave 'everything on default' in the power/background running settings, and thus I don't give the apps the option to do what the device decidsd. Plus with the firewall I Block all the nasties (e.g. 31.13.x.x - FB, or the various IPs for ads and tracking).

[mrhappyunhappy]

Can anyone recommend a good alternative for iOS to do just this?

[Jerry2]

Just go into Settings and disable "Background App Refresh" for all the apps you don't want running in the background. And also check your Battery section to see which apps use the battery the most.

I'm a recent convert to iOS (I've used Android for 7+ years) and I find that it "phones home" a lot less than Android. You can easily run a Wireshark and confirm it yourself.

https://www.bleepingcomputer.com/news/google/idle-android-ph...

[caprese]

I like how “a lot less” is the new standard, compared to “at all”

[Jerry2]

Well, if you look at the study [0] you can see that you can get rid of the most of the tracking by disabling App Background Refresh, removing the Google apps and by running a content blocker. If you do all those steps, Big Google won't be getting much identifiable data about you.

>Both Android and Chrome send data to Google even in the absence of any user interaction. Our experiments show that a dormant, stationary Android phone (with Chrome active in the background) communicated location information to Google 340 times during a 24-hour period, or at an average of 14 data communications per hour. In fact, location information constituted 35% of all the data samples sent to Google. In contrast, a similar experiment showed that on an iOS Apple device with Safari (where neither Android nor Chrome were used), Google could not collect any appreciable data (location or otherwise) in the absence of a user interaction with the device.

>While using an iOS device, if a user decides to forgo the use of any Google product (i.e. no Android, no Chrome, no Google applications), and visits only non-Google webpages, the number of times data is communicated to Google servers still remains surprisingly high. This communication is driven purely by advertiser/publisher services. The number of times such Google services are called from an iOS device is similar to an Android device. In this experiment, the total magnitude of data communicated to Google servers from an iOS device is found to be approximately half of that from the Android device.

[0] https://digitalcontentnext.org/wp-content/uploads/2018/08/DC...

[Phlarp]

It's a shame google maps is so much better than the alternatives, but it's probably somewhat related to the amount of data they collect.

[rando444]

You can probably find one in the app store just based on reviews.

Pretty much all "no root firewalls" work the same way.. The software pretends to be a VPN client in order to get the network traffic and filter it.

Since you're letting the software have control over all your network traffic, make sure you trust the software manufacturer.

[JohnFen]

> The software pretends to be a VPN client in order to get the network traffic and filter it.

This is why I stick with root firewalls -- I also use a VPN, and I don't think you can have your Android device use more than one VPN at a time (without rooting it).

[dleslie]

They track and consume and correlate/associate everything. That is their business: they sell their ability to know everything about you to anyone willing to pay for that information. All of their products feed into their core business.

Google is the most invasive and predatory attack on privacy ever; by no small margin.

[SquareWheel]

>they sell their ability to know everything about you to anyone willing to pay for that information

Can you prove this? Extraordinary claims require extraordinary evidence, and that's a real whopper of a claim.

[bravoetch]

It's not an extraordinary claim, it's literally what google claim to do by selling targeted ads.

[dleslie]

It's somewhat concerning that anyone would consider it an extraordinary claim.

I wonder how it is that they think Google rationalises providing so many free or below cost products to consumers?

Edit: downvoted without response. K.

[SquareWheel]

Where do I buy this user data? I would like to purchase it. dleslie claims they will sell it to "anyone willing to pay for that information".

> it's literally what google claim to do

It's literally the opposite of what Google claims to do.

https://safety.google/privacy/ads-and-data/

[zaroth]

Please be more charitable with your interpretation if you want to debate the merits of what is being claimed.

> they sell their ability to know everything about you to anyone willing to pay for that information

This does not actually claim they will sell you a copy of the raw data. That is Google’s “crown jewels” and they protect it fairly well, although not always perfectly.

In the past you could see the query on a referral URL. In the past you could see PII coming through this way as well. You could target ads against this PII, etc.

But anyway, what Google does is let you target ads based on their absolute knowledge of the user. What you are Searching for, where you are Searching for it, etc.

Google tracks you incensently so that they can more effectively sell things to you, or sell others the ability to sell things to you.

But increasingly it seems that Google tracks its users just because it can. Just in case that clickstream or that app history or that voice recording might become useful someday. Google tracks you like a paranoid government might track its citizens, afraid that some scrap of data might come back one day to be useful in its almighty question for [control / dollars / training an AI / optimization / whatever].

The nominal cost of storing one more piece of metadata is zero, the potential future value seemingly limitless, and perhaps the fear of Management asking for some piece of data you didn’t think to record is so great, they seem to just record all the things.

[SquareWheel]

>This does not actually claim they will sell you a copy of the raw data.

That's fair. That was my misreading of their original comment. I'm so used to seeing this misinformation I took it as just another example.

>But anyway, what Google does is let you target ads based on their absolute knowledge of the user.

That's right. The page I linked from Google is actually very transparent about how it works.

[dleslie]

Thank you, you said it better than I would have.

[shadowprofile76]

You buy this information indirectly any time you use any of Google's targeted advertising services. And yes, anyone can buy into it.

[SquareWheel]

>buy this information indirectly...

Which means what?

If you aren't actually getting user information, then simply put you aren't buying user information. Anything else is twisting words to distort their meanings.

[andrei_says_]

In addition to this, if the data exists, at some point in the future it will be compromised. The only way to avoid this is to not collect it.

And to anyone who says “I have nothing to hide” — imagine your worst enemy having all this information about you easily searchable with the intention to weaponize it for their purpose.

[andrerm]

No need for a worst enemy. Just expose your email and password on Facebook or Twitter and tomorrow all your personal and professional contacts will be thinking you are crazy. Maybe you'll be able to save your relationship. Certainly not your job. Edit: spelling

[godelski]

> And to anyone who says “I have nothing to hide”

To anyone saying that, they need to stop quoting Nazi propaganda. Term is coined by (but not originating from) Goebbels.

Note: The origin is from a fictional dystopia.

[andrei_says_]

Thank you. A great way to address the sentiment.

[godelski]

I mean I get why people say it. But we have to also be honest with ourselves. If it is something (strongly) pushed by societies that we utterly despise (be the Nazis, the dystopian writing of Sinclair (origin), or Voldemort's puppet state), it probably doesn't align with the beliefs of a free society.

The phrase is too frequently used by societies that we consider to not be free, being pervasive enough that a single use in literature would tell you that the characters live in an oppressive regime. Yet somehow we can make that connection but don't make it when actual politicians and citizens repeat it.

Personally I feel sickened that the phrase is so pervasive in our society (goes beyond the US). Just as I'd be if people were constantly saying "Work will set you free."

[matz1]

It's not feasible. It requires all the players to cooperate and one leak will ruin it.

We will have to use punishment as deterrent for someone who is harming other with all of this information.

[tssva]

I would guess that most of the people not worried because they have nothing to hide don't have a worst enemy.

[mirimir]

Or at least, a worst enemy that they don't see as one.

[stordoff]

And I think most people just don't realise. My grandmother was setting up a new Kindle Fire tablet recently, and asked me "Do I want to set up Alexa?". I just said "Do you want Amazon having a recording of everything you say to it?", and she replied, "Oh, no I don't then", but I doubt it had even crossed her mind before.

[JohnFen]

> It really made me want to just exit this whole smartphone shitfest

Yes, this is why I've decided to bail on the smartphone nonsense as well.

To make the problem worse, it isn't just Google you need to protect yourself from. You also need to protect yourself from the vast majority of apps that are out there as well.

It's become an intractable security nightmare, and I no longer consider smartphones as fit for purpose.

[sandov]

Have you tried Lineage OS?. It's an open source Android distribution, it doesn't include Google's proprietary stuff (Google Play services and such, even though you can include it if you really want to) and works surprisingly well.