Google’s latest flagship smartphone raises concerns about user privacy and security. It frequently transmits private user data to the tech giant before any app is installed. Moreover, the Cybernews research team has discovered that it potentially has remote management capabilities without user awareness or approval.

Cybernews researchers analyzed the new Pixel 9 Pro XL smartphone’s web traffic, focusing on what a new smartphone sends to Google.

“Every 15 minutes, Google Pixel 9 Pro XL sends a data packet to Google. The device shares location, email address, phone number, network status, and other telemetry. Even more concerning, the phone periodically attempts to download and run new code, potentially opening up security risks,” said Aras Nazarovas, a security researcher at Cybernews…

… “The amount of data transmitted and the potential for remote management casts doubt on who truly owns the device. Users may have paid for it, but the deep integration of surveillance systems in the ecosystem may leave users vulnerable to privacy violations,” Nazarovas said…

91 points

GrapheneOS

permalink
report
reply
2 points
*

Do they have passkeys yet

Edit: passkeys support. Last year when I checked they didn’t support pass keys yet.

permalink
report
parent
reply
-2 points

I’m not sure because I’m on a OnePlus device running a lineage OS.

permalink
report
parent
reply
1 point

What a fucking useless comment

permalink
report
parent
reply
10 points

What does that even mean? It’s not the function of an OS to have passkeys.

permalink
report
parent
reply
5 points

Grapheneos didn’t support pass keys last year when I checked, so you couldn’t use them at all. There was some APIs broken/missing between the OS to browser comms so you couldn’t use 3rd party apps for pass keys, like proton or bit warden. I have been actively experimenting and adopting passkeys and didn’t want to revert. It sounds like there is support now though, so I will give it a try soon.

permalink
report
parent
reply
2 points

Thank you! Idk why I was down voted, I appreciate it. I did a bunch of research on grapheneos last year around this time and it wasn’t supported yet.

permalink
report
parent
reply
1 point

Yep, I’ve got a Pixel 9 Pro and I don’t even have a Google account on this thing.

permalink
report
parent
reply
31 points

What’s surprising about their stock ROM having tracking and phoning home? Use Grapheneos.

permalink
report
reply
0 points
*

You still have to trust their black box Titan security chip that’s only in Pixels, that they pinky promised to open source but never did.

permalink
report
parent
reply
6 points
*

You will have to inevitably trust someone somewhere for every phone, unfortunately. At least the Titan has been tested in the real world, and it’s not like it’s phoning home on it’s own or anything.

permalink
report
parent
reply
17 points

This doesn’t seem surprising at all. Isn’t that what Google Play Services is for? If you don’t want it, custom ROMs are easily installed.

permalink
report
reply
10 points

I’d say newer Pixels have even more privacy issues than the older ones because of cloud based AI features (ugh when will the bubble finally pop?) and stuff. However the stock OS is bad for privacy in both cases so a custom ROM is a must and afaik installing it on a Pixel is not too hard. Also new Pixels seem to get custom ROMs very quickly so you don’t have to wait for months or even years for someone to make one.

permalink
report
reply
12 points

The Pixel 9 line had GrapheneOS avaliable a couple of days after launch. That’s how fast. You order the phone, and by the time you got it, GrapheneOS was ready to replace Stock Android.

permalink
report
parent
reply
13 points

GrapheneOS + buy your phone from a store in-case you’re allergic to PETN

permalink
report
reply

DeGoogle Yourself

!degoogle@lemmy.ml

Create post

A community for those that would like to get away from Google.

Here you may post anything related to DeGoogling, why we should do it or good software alternatives!

Rules

  1. Be respectful even in disagreement

  2. No advertising unless it is very relevent and justified. Do not do this excessively.

  3. No low value posts / memes. We or you need to learn, or discuss something.

Related communities

!privacyguides@lemmy.one !privacy@lemmy.ml !privatelife@lemmy.ml !linuxphones@lemmy.ml !fossdroid@social.fossware.space !fdroid@lemmy.ml

Community stats

  • 331

    Monthly active users

  • 301

    Posts

  • 4.6K

    Comments