this post was submitted on 18 Feb 2024
81 points (96.6% liked)

Privacy

31982 readers
337 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 36 points 9 months ago (1 children)

Mixed feelings about this article. In short, it presents a new way of fingerprinting devices.

While it's an interesting fingerprinting strategy, this is just one of many ways that a device can be fingerprinted. Do your best to avoid installing applications you don't trust to protect your privacy.

Also, the recommendations of the article don't make much sense. Anti malware on Android? Ridiculous and ineffective.

[–] [email protected] 3 points 9 months ago (1 children)

Is there any better anti-malware solution available to the average (read: not using F-Droid) user than the Google Play Store? If third party cookie blocking in Chrome has shown us anything, it's that Google prefers to monopolize data collection.

[–] [email protected] 12 points 9 months ago

No. There is no room for anti-malware services in the Android design.

Such software needs permissions that reach outside of the Android security model to do things like access other application data without its consent.

Imagine for a moment that you could install anti malware with some kind of super user permission that lets the software access everything it needs to do its job. If so, malware would immediately attempt to use that feature as well, either to steal more of your data or inject itself into other applications.

Play Services is special because it operates with much higher privileges than third party software can obtain.

Now, in theory you can still scan applications before they are installed, but I would argue that there's very limited value in doing so. If you're installing software from sources you don't trust, you have bigger problems. You can't rely on a signature matching engine to detect malware in the general case.