this post was submitted on 27 Feb 2025
1017 points (96.7% liked)
Technology
63547 readers
2688 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
For people who have not read the article:
Forbes states that there is no indication that this app can or will "phone home".
Its stated use is for other apps to scan an image they have access to find out what kind of thing it is (known as "classification"). For example, to find out if the picture you've been sent is a dick-pick so the app can blur it.
My understanding is that, if this is implemented correctly (a big 'if') this can be completely safe.
Apps requesting classification could be limited to only classifying files that they already have access to. Remember that android has a concept of "scoped storage" nowadays that let you restrict folder access. If this is the case, well it's no less safe than not having SafetyCore at all. It just saves you space as companies like Signal, WhatsApp etc. no longer need to train and ship their own machine learning models inside their apps, as it becomes a common library / API any app can use.
It could, of course, if implemented incorrectly, allow apps to snoop without asking for file access. I don't know enough to say.
Besides, you think that Google isn't already scanning for things like CSAM? It's been confirmed to be done on platforms like Google Photos well before SafetyCore was introduced, though I've not seen anything about it being done on devices yet (correct me if I'm wrong).
That doesn't mean that it doesn't. If it were open source, we could verify it. As is, it should not be trusted.
That would definitely be better.
The Graphene devs say it's a local only service.
Open source would be better (and I can easily see open source alternatives being made if you're not locked into a Google Android-based phone), but the idea is sound and I can deny network privileges to the app with Graphene so it doesn't matter if it does decide to one day try to phone home... so I'll give it a shot.
God I wish I could completely deny internet access to some of my apps on stock android. It's obvious why they don't allow it though.
Check out Netguard. It's an app that pretends to be a VPN client so most of your traffic has to go through it - and then you can deny/allow internet access per app. Even works without root.
You can, if you root your phone. Unless it is not a thing anymore.