Privacy of Google Play Services:
- What Data Do The Google Dialer and Messages Apps On Android Send to Google? We find that these apps tell Google when message/phone calls are made/received. The data sent by Google Messages includes a hash of the message text, allowing linking of sender and receiver in a message exchange. The data sent by Google Dialer includes the call time and duration, again allowing linking of the two handsets engaged in a phone call. Phone numbers are also sent to Google. In addition, the timing and duration of other user interactions with the apps are sent to Google. There is no opt-out from this data collection. On foot of this report Google say that they plan to make multiple changes to their Messages and Dialer apps. (14th March 2022, accepted for SecureComm 2022)
- The app data is sent via the Google Play Services Clearcut logger and Google/Firebase Analytics. The data is binary encoded, but we have reverse engineered much of the format used and posted details on GitHub, including scripts for decoding captured data. Instructions for capturing raw data from your phone are given here.
It's Not Just Google That's Using Android OS To Watch What You're Doing:
- Android Mobile OS Snooping By Samsung, Xiaomi, Huawei and Realme Handsets. An in-depth analysis of the data sent by six variants of the Android OS, namely those developed by Samsung, Xiaomi, Huawei, Realme, LineageOS and /e/OS. (6th Oct 2021)
- See also On The Data Privacy Practices Of Android OEMs, published on PLOS One.
Comparing Privacy of Android and iOS:
- Mobile Handset Privacy: Measuring The Data iOS and Android Send to Apple And Google, the first systematic study of data that iPhones share with Apple and directly comparing data sharing by Apple iOS and Google Android. (25th March 2021, updated 10th June 2021. Now published in Proc SECURECOM 2021)
- You should be able to reproduce the measurements in this report yourself. I've created setup instructions. These are for a MacBook plus iPhone, but I'll add more later. Note that it's necessary to use an older iPhone in order for the jailbreak to work (I've used an iPhone 8 and an iPhone 6s).
Google's Federated Learning Tools Are Not Private:
- Two Models are Better than One: Federated Learning Is Not Private For Google GBoard Next Word Prediction. We demonstrate that the words a user types on their mobile handset, e.g. when sending text messages, can be recovered with high accuracy under a wide range of conditions and that counter-measures such as use of mini-batches and adding local noise are ineffective. This raises obvious privacy concerns. Proc ESORICS 2023
- Re-evaluating the Privacy Benefit of Federated Learning. Proc ECML 2023
Chinese Android Phones:
- Android OS Privacy Under the Loupe -- A Tale from the East. Proc WiSec 2023