This morning I noticed that an app was silently installed on my device. Android System Safetycore.
So what is this app for? Supposedly it is designed to blur any images that are sent to or from you the user.
Android Authority Article Snippet
Sensitive Content Warnings is another new Google Messages feature that Google is announcing today. It’s a feature that gives you more control over seeing and sending images that may contain nudity. Sensitive Content Warning blurs images that may contain nudity before viewing them, and it then prompts you with a “speed bump” that contains “help-finding resources and options, including to view the content.” When it’s enabled and you try to send or forward an image that may contain nudity, Google Messages will also show a “speed bump” that reminds you of the risks of sending nude imagery. - Android Authority
The feature seems to be geared towards google messages.
However why this needed to be a seperate app isn’t really known. Why not just a feature within the google messages app? Google gives no explanation.
Another Android Authority Snippet
Warnings check runs entirely on-device, it didn’t mention that it will actually be powered by an entirely separate app and not Google Messages itself. - Android Authority
Google claims it runs entirely on your phone. Whether that’s true? ¯_(ツ)_/¯
According to my device, the app can have internet access restricted to it (via phone settings) implying that the app does have internet access. Any apps that dont have internet access wouldn’t be in my settings list for restricting network access.
Here’s the developer page. Not much in terms of detail going on there.
Here is the app on Play store with its further lacking detail and currently plunging reviews. Interestingly it seems the app has many good odd sounding reviews. Furthermore, all the new reviews are very negative. The app was 3.8 this morning. Plunging.
The whole concept of the feature isn’t a bad one. However, I certainly dont wish for it to be automatically installed on my device as a seperate app. A feature that is supposedly for a messaging platform that I don’t even have activated on my device.
I removed it myself as it can be uninstalled. It doesn’t show up on play store by search, however you can look up the app link online and get a direct link to it. Which I put here.
Spyware? A helpful feature? I don’t want it on my phone anyways.
(Yes this is a repost, I hope it isn’t considered spam. Yes I did also delete the original one :/ . Goodnight 🥱!)
I have a Pixel 7a on Google Fi service running Android 15 in the US.
I don’t see that app on my list of all apps nor when i search for it in the Play Store.
I got it on a Pixel 7, but I uninstalled it because I’m not trying to have Google spy on me for yet another reason.
deleted by creator
tfw I’ve never been warned about nudes in my text messages :(
I don’t see it on my dumb phone
A “dumb phone” these days is really just an android phone with more user restrictions and less security, but all the same spyware.
No, its not running Android at all, Android uses way too much power and drains the battery much faster. Its actually terrible for a phone if all you want is to make phone calls with it.
Your dumb phone is much insecure than a smartphone which has GrapheneOS or LineageOS. Your dumb phone certainly lacks secure 4G or 5G communication, cannot use e2e encrypted messaging platforms and cannot update firmware in case of security bugs.
Why would I need any of that, its only used for calls or SMS when I am out of the house. Anything important I can do on Linux.
Thanks for the post. I had it on my phone as well. A couple days ago the messenger app forced me to update, I wonder if they are related.
Ok, I gotta change to Graphene asap
Yup, found on my phone yesterday.
It also claimed that i was part of the beta program, which is probably how they back-doored it in, so make sure you leave the beta program to keep it from coming back.
On my phone it was not installed (Android version 14). I even don’t find it in google play store. Is this because of the Android version or are there maybe regional differences?
I wonder if it’s a 15 thing. I updated to 15 last week, and sure enough, it was in my system apps. Easy enough to install, but what the fuck. I really need to get myself a pixel and install GOS.
Keeping sealed iodine patches and band aids inside my leather wristbands.
Staying on the edge of the pit to catch anyone who falls or takes a hit.
🧷 safetycore 🧷
There are definitely good, non malicious reasons to have it as a separate app and that should actually be preferred. Off the top of my head:
- Separation of permissions - it only has the permissions it asks for instead of every permission messages has
- It can be disabled/removed without disabling messages
- it can be reused by other applications if that’s a desirable feature
Some people might actually like this: thinking of women getting unsolicited dick picks in particular
I found this in my app list, it hadn’t asked for any permissions. If it’s looking at every image I get, it’s doing so extremely discreetly.
Sus. Very sus.
The real issue is definitely people not having total control over their own devices.
It doesn’t need permissions to be sent pictures from messages though, that’s all local and likely done via an exported Service. Good chance other Google products are or will make use of it in the future.
Honestly, if the app was open-source so we can check it does not leak data, I would probably have no issue with it.
Making it a separate app makes sense if google wants to allow other apps to re-use the code. No reason to have the same functionality bundled into each app separately.
And the feature, as long as it is configurable, seems useful.
The auto-install is bad but understandable. As far as I am aware, there is no easy way to mark an app as a dependency of another app so it gets automatically installed only when needed. This should be fixed, but auto-install for all is not terrible temporary solution. This does not apply when the app is closed source and may steal your data.
Wait how do I restrict apps’ access to the inthernet what phone lets me do that
You can do that with GrapheneOS.
What about LineageOS?
If you root it, sure. Unfortunately lots of misguided fools on the internet, including Lineage’s authors will try to convince it’s not a good idea.
And what if I want to see and send nudes? Google, mind your business.
In other news, Google wants to scan all your messenger images.
If you’re using Google messages, they’re definitely already doing so
Seems weird to have a separate app read sent and received messages? Is it poking holes in the Messages app sandbox?
Lots of apps are able to interact with your text messages. Many apps are able to intercept one time passcode messages when registering accounts for instance.
It’s also not weird to separate this if they intend for it to be able to be used in other areas as well.
Just because it may be used only by Messages right now, doesn’t mean that it’s intended to only be used there.
As far as I know, the apps are not intercepting the text messages for passcodes. The messages have a specific format and a hash to indicate which app they are targeting. It is up to the messages app to read the message and to forward the code. This design should not need to give the apps any access to your messages.
