Android on device scanning?

[Cycom]

Per the title, does Google/Android do on device scanning of content, or is it only limited to what’s uploaded to the cloud?

I realize that I can expect little privacy on almost all platforms going forward, but on device scanning is too much. Since I’ll be using a paid e2e cloud service along with a NAS, I don’t really care if they do it server side, since I won’t be using their cloud services anyway.

 

[velocityg4]

Per the title, does Google/Android do on device scanning of content, or is it only limited to what’s uploaded to the cloud?

I realize that I can expect little privacy on almost all platforms going forward, but on device scanning is too much. Since I’ll be using a paid e2e cloud service along with a NAS, I don’t really care if they do it server side, since I won’t be using their cloud services anyway.

The open source OS itself does not. Nor any open source code made available by various phone manufacturers. That I'm aware of.

But Android phone makers start with the open source code. Then add their own proprietary apps, services, &c on top. While I'm not aware of any explicitly doing scanning on device and reporting it to any government. It doesn't mean they aren't. Just not that I'm aware of (except maybe Huawei). But most brands are scanning information like crazy to sell to other companies and advertising partners. Just not narcing on you.

The first off my list would be any manufacturer headquartered in China or any authoritarian state really. As they are more likely to have their OS or apps screwed with secretly. Which also knocks out most of the good brands (Huawei, Xiaomi, Oppo, Redmi, Oneplus, Motorola, Lenovo, &c).

The safest bets would probably be Google, Sharp, Samsung, Sony and Nokia. For mainstream brands. Just note Samsung data mines and sells like crazy even in their Pay and Health apps and loads all the default apps with ads. Even the friggin' phone and message apps. Sony has a horrible update history. Don't know much about Nokia or Sharp.

Actually the Google Pixel seems really well behaved. When I really lock down privacy settings. My account seems to reflect it. Some privacy settings are hard to find. While they could be gathering secretly. I've seen no indication when fully locked down. But I just did that to test. I leave a lot of privacy settings off as it makes the phones features more useful.

Really, when you think about it. The other brands usually add the Google apps anyways. With the Pixel you just get Android and Google Apps. With everyone else you get Android, Google apps and that manufacturers junk tossed on top. Which means more data mining. Edit: Not sure about the carrier Pixels. If they add carrier bloat as I get the Factory Unlocked version.

If you want to be really safe. Go with custom ROMS built for security. Where basically everything in it is open source. Making everything verifiable. Something like Graphene OS. Just don't expect it to be fun or easy.

If going custom. Choose your ROM first. As you'll want to select an officially supported phone. To minimize installation difficulty. Using an unofficial supported ROM decreases security, reliability and likelihood of patches. You definitely don't want to be building a ROM for your phone yourself.

Just note with those security minded ROMs.
- Horrible update support
- Poor app selection (Google Play store defeats the purpose, You'd want to use something like the F-Droid store)
- Phone features may not work

TLDR
Google Pixel is probably the best option. Unless you're going to go nuts with custom ROMS or some ultra secure brand. Which probably has horrible phone options.

 

[velocityg4]

I just wanted to add. When it comes to those preloaded apps and data harvesting. Most everything can be locked down, blocked, disabled or removed. Then you can replace them with some third party app you like or trust more.

Some are more deeply ingrained. Requiring you to root the device and connect with ADB. When it comes down to it. You can usually find some way to rip out and replace most anything you want. It is Linux after all.

Your limits are really your resolve and ability to learn.

 

[Cycom]

Great info homie. Really appreciate it!

So to clarify: I can delete/disable Samsung bloat ware with anything that’s comparable in the play store?

 

[jseymour]

Great info homie. Really appreciate it!

So to clarify: I can delete/disable Samsung bloat ware with anything that’s comparable in the play store?

Probably not. Samsung, some other manufacturers, and the carriers add their own bloatware that usually cannot be removed. It can often be disabled, though.

What they're talking about, above, is replacing the stock Android OS with an open source build, then load the apps you want from an app store.

 

[Steven-iphone]

Not mentioned in a custom ROM is CalyxOS for Pixel phones. Native Google app selection (w/microG and Aurora store) - granted some apps don't work. Regular monthly updates (OTA). And online support forum with developers in chat.

 

[velocityg4]

Great info homie. Really appreciate it!

So to clarify: I can delete/disable Samsung bloat ware with anything that’s comparable in the play store?

You can disable most stuff. Also turn off notifications and background usage.

Attempting to fully remove them would be best done with a custom ROM. As something like One UI is a service. But you can still simply replace it with another Launcher and leave it unused.

Anything which requires rooting or installing a custom ROM will void your warranty.

If you go with Samsung. Really any phone about carrier models. Get a factory unlocked model. As carrier models add extra bloat. They are also frequently custom, especially Verizon models. Meaning aftermarket ROMs may not work and require a special custom ROM build for that variant.

Also carrier models are often slower on updates. As they require the manufacturer then the carrier to patch the phone.

Pay attention to exact model numbers. As what's on Amazon might be an international, EU, latin, &c model. Which won't have the right radio bands for the US. They'll still work but may have limited speed.

In the US. The factory unlocked models for Samsung typically end in a U1. A U model is a carrier model and a V is a Verizon model. I think an F is a Latin or International model. I think a Galaxy S20 FE is an SM-G780U1 for a factory unlocked US model, for instance.

 

[velocityg4]

I should also say I'm guilty of the same thing I hate about anything I read on tweaking stuff. Why the heck didn't they warn me?

Installing custom ROMs is quite difficult. In all likelihood you're going to be spending many hours banging your head against a wall. Wondering why the heck you tried doing this? You could very well end up with a brick.

Don't do this with a new phone or your only phone. Get some old $50 junker off eBay to learn this on. Then you'll find out once you get it working you aren't done. You'll see how buggy it is afterward. Plus find out that some device features won't work or work as well. Requiring many more hours of tweaking. Perhaps way beyond your ability to ever fully get right. You also want to do this on a junker for learning. Because if you wreck it or take weeks to figure it out. You won't be without a phone.

Five years ago there was a big reason to do this. As after purchase updates and support sucked. It was the only way to get a new Android version and security updates on many phones. Now a lot of the regular brands offer three years of OS updates and four years of security updates (except Sony). Very few people bother now. Which means there's far fewer volunteers working on these ROMS and less support in the community. Now it's mostly hobbyists, people learning new skills, cheapskates and a few ultra paranoid people.

Disabling the pre-installed apps. Turning off their notifications and background processes. Then setting a new default is all pretty easy, supported and won't wreck anything. Basically all you can do without rooting. Some privacy or ads might slip through. But it'll cover the needs and concerns of 95% of people.

 

[jseymour]

Installing custom ROMs is quite difficult. In all likelihood you're going to be spending many hours banging your head against a wall. Wondering why the heck you tried doing this? You could very well end up with a brick.

Welll... FSVO "quite." You have to get into the boot loader, which sometimes the manufacturer does not make easy. Sometimes they make it quite difficult. It was relatively straight-forward on my old Samsung tablet.

And, yeah: You can brick your device doing this. But people have bricked their devices doing regular OS upgrades, too. (And, unlike Apple, most Android manufacturers and sellers will give you short shrift if you come to them with a complaint an OS update bricked your device. That's one of the nice things about Apple I will surely miss if I'm forced to switch back to Android.)

Don't do this with a new phone or your only phone. Get some old $50 junker off eBay to learn this on.

At least for the first time: Yes.

Five years ago there was a big reason to do this. As after purchase updates and support sucked. It was the only way to get a new Android version and security updates on many phones. Now a lot of the regular brands offer three years of OS updates and four years of security updates ...

True and not-so-true. True as it regards the update cycle. (One of the many reasons I switched to Apple.) Not true as regards privacy and security. With an open source AOS you know you're getting an unpolluted AOS. With the manufacturers you don't know what you're getting--even if they are updating it in a timely manner. Exception: Pixel, because that's Google's own phone.

 

[Cycom]

Welll... FSVO "quite." You have to get into the boot loader, which sometimes the manufacturer does not make easy. Sometimes they make it quite difficult. It was relatively straight-forward on my old Samsung tablet.

And, yeah: You can brick your device doing this. But people have bricked their devices doing regular OS upgrades, too. (And, unlike Apple, most Android manufacturers and sellers will give you short shrift if you come to them with a complaint an OS update bricked your device. That's one of the nice things about Apple I will surely miss if I'm forced to switch back to Android.)


At least for the first time: Yes.


True and not-so-true. True as it regards the update cycle. (One of the many reasons I switched to Apple.) Not true as regards privacy and security. With an open source AOS you know you're getting an unpolluted AOS. With the manufacturers you don't know what you're getting--even if they are updating it in a timely manner. Exception: Pixel, because that's Google's own phone.

So if my phones becomes bricked (through a legit software update), Samsung or others may give me a hard time re: warranty?

 

[jseymour]

So if my phones becomes bricked (through a legit software update), Samsung or others may give me a hard time re: warranty?

I have been out of the Android world for about four years, so I cannot comment with any authority. Your best bet would be to do a search on it in your favorite search engine or create an account at, for example, Android Central or Android Forums, poke around in those and then, if you don't find that for which you're looking, ask there.

I do know that in the past, users whose phones and tablets got bricked by an update were left high and dry. I think Vizio (they briefly made a tablet) used to be pretty good about it, but that was it.

But, like I said: Out-of-date information.

 

[velocityg4]

So if my phones becomes bricked (through a legit software update), Samsung or others may give me a hard time re: warranty?

I think it'll be more like. Difficult to get a hold of them and a long repair time. That's just a guess. As I've never had a phone which needed technical support. Updates just work and the phones just work. I'm a Pixel fan myself. As close as you can get to a vanilla state in Android.