This morning I noticed that an app was silently installed on my device. Android System Safetycore.
So what is this app for? Supposedly it is designed to blur any images that are sent to or from you the user.
Android Authority Article Snippet
Sensitive Content Warnings is another new Google Messages feature that Google is announcing today. It’s a feature that gives you more control over seeing and sending images that may contain nudity. Sensitive Content Warning blurs images that may contain nudity before viewing them, and it then prompts you with a “speed bump” that contains “help-finding resources and options, including to view the content.” When it’s enabled and you try to send or forward an image that may contain nudity, Google Messages will also show a “speed bump” that reminds you of the risks of sending nude imagery. - Android Authority
The feature seems to be geared towards google messages.
However why this needed to be a seperate app isn’t really known. Why not just a feature within the google messages app? Google gives no explanation.
Another Android Authority Snippet
Warnings check runs entirely on-device, it didn’t mention that it will actually be powered by an entirely separate app and not Google Messages itself. - Android Authority
Google claims it runs entirely on your phone. Whether that’s true? ¯_(ツ)_/¯
According to my device, the app can have internet access restricted to it (via phone settings) implying that the app does have internet access. Any apps that dont have internet access wouldn’t be in my settings list for restricting network access.
Here’s the developer page. Not much in terms of detail going on there.
Here is the app on Play store with its further lacking detail and currently plunging reviews. Interestingly it seems the app has many good odd sounding reviews. Furthermore, all the new reviews are very negative. The app was 3.8 this morning. Plunging.
The whole concept of the feature isn’t a bad one. However, I certainly dont wish for it to be automatically installed on my device as a seperate app. A feature that is supposedly for a messaging platform that I don’t even have activated on my device.
I removed it myself as it can be uninstalled. It doesn’t show up on play store by search, however you can look up the app link online and get a direct link to it. Which I put here.
Spyware? A helpful feature? I don’t want it on my phone anyways.
(Yes this is a repost, I hope it isn’t considered spam. Yes I did also delete the original one :/ . Goodnight 🥱!)
It’s into the 2s now. Not ok to push something like this automatically. Should be opt-in.
Doesn’t even appear to exist for me in the UK. Yay?
It didn’t appear in my apps list and yet if I looked at the link to the play store it said it was installed… maybe double check you don’t have it by looking it up on the play store as well. Fishy to say the least
And then I praise microg / LineageOS
I am using both and this somehow made it to my phone, wtaf
If you have play services installed. You will get it.
I don’t have it on a phone a with play services.
I’m also in the EU in case that matters
Well then, that’s pretty impressive. I don’t know the answer to that
Seems other commentators outside USA are saying similar things.
If true, I wouldn’t trust this app at all, because it just be breaking GDPR somehow
Do you have Google’s Messages app installed? If it actually does what they claim on the tin, maybe it was only installed on phones with the Messages app installed?
I’m in EU and I have it. was able to uninstall though.
In other news, Google wants to scan all your messenger images.
If you’re using Google messages, they’re definitely already doing so
Thanks for the post. I had it on my phone as well. A couple days ago the messenger app forced me to update, I wonder if they are related.
Hmm, don’t seem to have it on my GrapheneOS phone. :)
Ditto
Checked my second GOS user profile with google services, just to make sure – nothing to be seen.
Say it with me, peeps. Tenant on your own land!
Wow, thanks for this. I do have it sneakily installed by Google to my phone, without my knowledge or consent. If that ain’t malware behavior, idk what that is.
Is there not some flaw in this logic in that you are asked to decide if you wish to see a photograph before you have viewed it. Maybe we need an additional app on top of the Safety Core, called something like Android SneakPeek that lets you have a quick flash.
I first heard about this 2 days ago and it want installed on my phone at that time. Just checked again on a whim and sure enough it was installed!
Google, nobody asked for your safety center bullshit app.
Seems weird to have a separate app read sent and received messages? Is it poking holes in the Messages app sandbox?
Lots of apps are able to interact with your text messages. Many apps are able to intercept one time passcode messages when registering accounts for instance.
It’s also not weird to separate this if they intend for it to be able to be used in other areas as well.
Just because it may be used only by Messages right now, doesn’t mean that it’s intended to only be used there.
As far as I know, the apps are not intercepting the text messages for passcodes. The messages have a specific format and a hash to indicate which app they are targeting. It is up to the messages app to read the message and to forward the code. This design should not need to give the apps any access to your messages.
Oh thank you! Had it on my phone without any notifications or anything else to tell me that!
Am an EU resident, so that’s very worrisome to say the least.
I don’t see it on my dumb phone
A “dumb phone” these days is really just an android phone with more user restrictions and less security, but all the same spyware.
No, its not running Android at all, Android uses way too much power and drains the battery much faster. Its actually terrible for a phone if all you want is to make phone calls with it.
Your dumb phone is much insecure than a smartphone which has GrapheneOS or LineageOS. Your dumb phone certainly lacks secure 4G or 5G communication, cannot use e2e encrypted messaging platforms and cannot update firmware in case of security bugs.
Why would I need any of that, its only used for calls or SMS when I am out of the house. Anything important I can do on Linux.
It says no permissions required and has used no data on mine.
I froze it anyway because I didn’t ask for it, but I don’t think it’s malicious.
As long as it just concern Google Messages I’m fine since I don’t ever use that
