Per one tech forum this week: “Google has quietly installed an app on all Android devices called ‘Android System SafetyCore’. It claims to be a ‘security’ application, but whilst running in the background, it collects call logs, contacts, location, your microphone, and much more making this application ‘spyware’ and a HUGE privacy concern. It is strongly advised to uninstall this program if you can. To do this, navigate to 'Settings’ > 'Apps’, then delete the application.”
You must log in or register to comment.
People don’t seem to understand the risks presented by normalizing client-side scanning on closed source devices. Think about how image recognition works. It scans image content locally and matches to keywords or tags, describing the person, objects, emotions, and other characteristics. Even the rudimentary open-source model on an immich deployment on a Raspberry Pi can process thousands of images and make all the contents searchable with alarming speed and accuracy.
So once similar image analysis is done on a phone locally, and pre-encryption, it is trivial for Apple or Google to use that for whatever purposes their use terms allow. Forget the iCloud encryption backdoor. The big tech players can already scan content on your device pre-encryption.
And just because someone does a traffic analysis of the process itself (safety core or mediaanalysisd or whatever) and shows it doesn’t directly phone home, doesn’t mean it is safe. The entire OS is closed source, and it needs only to backchannel small amounts of data in order to fuck you over.
Remember the original justification for clientside scanning from Apple was “detecting CSAM”. Well they backed away from that line of thinking but they kept all the client side scanning in iOS and Mac OS. It would be trivial for them to flag many other types of content and furnish that data to governments or third parties.
I didn’t have it in my app drawer but once I went to this link, it showed as installed. I un-installed it ASAP.
https://play.google.com/store/apps/details?id=com.google.android.safetycore&hl=en-US
thank you for posting this. it’s not yet installed on my phone for some reason, but i will be checking this page every couple days to make sure it stays that way.
Fuck these cunt
And interestingly enough my phone crapped out on this post. But at least I was still able to read the the post.
Seems to be innocuous, but there’s no harm in removing it. Next update, it’ll be returned, so the better solution long-term will be (if you’re rooted) is to use an application to freeze it, which effectively disables it and it should survive and update. If you delete the app, a new update will put it back.
You can freeze using ADB/Shizuku as well. No root needed.
If you freeze via non-room methods, updating the apk will re-enable it. So it’s the same situation as just removing the apk–it’ll basically re-enable itself.
I’ve never had an app frozen through ADB get auto-updated by the Play Store or Google Services and get re-enabled because of it. An app with an update available will even disappear from the Update list if disabled, and in order to update it you have to enable it first.
Freezing an app in an non-root fashion doesn’t do anything special. It’s moved to a different location and is effectively “removed” from a runnable state. The OS shows it as disabled/removed, but the files are still there. Newer versions of android (14+) will recognize applications it thinks are necessary (like this one, from Google) are moved/disabled and will pull a new apk during the upgrade process. It effectively re-installs the app.
how to freeze it on the app?
Using ADB:
adb shell pm disable-user --user 0 com.google.android.safetycoreIf you have Shizuku and aShell/ShizuShell installed, then just run this command in aShell:
pm disable-user --user 0 com.google.android.safetycoreAlternatively, for a GUI method, setup Shizuku and then use an app like Hail or Ice Box
or just disable play store and use an alternative store like aurora.
Then it’ll never get installed in the first place.
This is incorrect. It’s installed silently via a background OTA. It’s never installed purposefully through the google play store.
Thanks for bringing this up, first I’ve heard of it. Not present on my GrapheneOS pixel, present on stock.
I suppose I should encourage pixel owners to switch from stock to graphene, I know which decide I rather spend time using. GrapheneOS one of course.
I’ve got a Pixel 8 Pro and I’m currently using the stock OS. Anything in particular that you miss with Graphene OS?
I’ve looked into it.l briefly. Did you have any issues switching? I’m concerned about how some apps I need would function.
I did a fair amount of research before the switch to find alternatives to Google services, some I’ve replaced, others I felt were too much of a hassle for my phone usage.
I’ve kept my original pixel stock, the hardest part about switching this one over was plugging it in and following the instructions.
I’m hoping to get rid of my stock OS pixel soon, it would appear my bank hasn’t blocked it’s app on Graphene, unlike Uber.
For the rest I’ll either buy a cheap af shitbox to use purely for banking and Uber (if it comes to that).
If you’ve any other questions I’m happy to help find then answers with you, feel free to DM me.
Uber works on GrapheneOS
Hope they like all my dick pics
Don’t worry they won’t!
/Burn
Interestingly I don’t have it on my stock samsung phone. I haven’t updated it since oneui 6. Is safetycore installed by update or by GMS?
Samsung lets me uninstall it now problem.
Jesus thanks for posting this. Found it on my LG ThinQ.
Anyone have a fairphone? Thoughts about it?
Seriously…. Why do people continue to buy their products? They’re seemingly one of the most invasive security risks one could be involved with.
why, what do you recommend?
I mean you have just disclaime the whole android ecosystem, and the only other alternative is Apple, which is questionable if it’s better.
and this would have even applied to my fairphone!
would have, if I didn’t get rid of google services the day I got it.I don’t have to recommend anything just because I’m asking why people are buying spyware tech.
Just like I may not know the proper way to safely jump out of an airplane, but I do know a parachute is involved.
A person asking why people do a thing that seems stupid isn’t obligated to solve the people.
Then I guess the better question is what do you use?
Wouldn’t it be a given that I don’t have an android phone?
I just realized the network error made me doubly post my comment, I’ve deleted the other copy
No worries. Happens to all of us.
Most people don’t really know what that actually means, and they don’t feel they have anything to hide from some nebulous corporate entity.
deleted by creator
I don’t have to recommend anything just because I’m asking why people are buying spyware tech.
Just like I may not know the proper way to safely jump out of an airplane, but I do know a parachute is involved.
A person asking why people do a thing that seems stupid isn’t obligated to solve the people.
It didn’t appear in my apps list so I thought it wasn’t installed. But when I searched for the app name it appears. So be aware.
How did you search for it? Search bar in settings?
you can look it up on your app managment settings too, search for it there.
On my settings screen I have a search bar at the top
an app on all Android
not my android :)
BTW did anyone reverse engineer it? Or doing rn (I’m HTH)?
I switched over to GrapheneOS a couple months ago and couldn’t be happier. If you have a Pixel the switch is really easy. The biggest obstacle was exporting my contacts from my google account.
GrapheneOS — an Android security developer — provides some comfort, that SafetyCore “doesn’t provide client-side scanning used to report things to Google or anyone else. It provides on-device machine learning models usable by applications to classify content as being spam, scams, malware, etc. This allows apps to check content locally without sharing it with a service and mark it with warnings for users.”
LineageOS is amazing as well. Especially since it covers many devices
I’d that what’s killing my fucking battery like crazy lately?
Now that you say that, my battery was draining fast the past couple of weeks. It would last maybe a day. It lasts 2 days again now.
same here, i was wondering why my Op12r was draining like super fast, for a phone touthing 2+days battery(and im not even playing games or videos on it), yet it was draining as fast as an old pixel phone.
I’m curious about this. I’ve got a Pixel 6 and noticed that the battery started going to shit about a month or so ago? I couldn’t find an install date for SafetyCore, but it was listed in my apps. I’ve uninstalled it now. It’ll be interesting to see if that was causing it.
How do you uninstall it?
It doesn’t show in the app drawer, but I found it via the all apps in Settings.
Go to the Settings App > Apps > “See all XX apps”. It’s called Android System SafetyCore, so it should be close to the top of the list. Tap on it and select Uninstall.
Well it looks like I don’t have it. Which is good, unless its hidden and unremovable. My battery app reports up to like 60% of power usage but nothing else. That means that some stupid app in the background is running down my battery for no good reason.
you can search in your settings/app managment(im using a onplus12r though
