Who owns your shiny new Pixel 9 phone? You can’t say no to Google’s surveillance - eviltoast

Google’s latest flagship smartphone raises concerns about user privacy and security. It frequently transmits private user data to the tech giant before any app is installed. Moreover, the Cybernews research team has discovered that it potentially has remote management capabilities without user awareness or approval.

Cybernews researchers analyzed the new Pixel 9 Pro XL smartphone’s web traffic, focusing on what a new smartphone sends to Google.

“Every 15 minutes, Google Pixel 9 Pro XL sends a data packet to Google. The device shares location, email address, phone number, network status, and other telemetry. Even more concerning, the phone periodically attempts to download and run new code, potentially opening up security risks,” said Aras Nazarovas, a security researcher at Cybernews…

… “The amount of data transmitted and the potential for remote management casts doubt on who truly owns the device. Users may have paid for it, but the deep integration of surveillance systems in the ecosystem may leave users vulnerable to privacy violations,” Nazarovas said…

  • Buddahriffic@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    3 months ago

    I think you’re greatly overestimating the number of people who would need to be involved. It could be done by one person in the right RTL design position. ASIC validation doesn’t involve exhaustively searching for any backdoors that bridge between something accessible with low privileges to something that is supposed to require higher privileges.

    And if someone else did notice that, there’s a good chance it would just be a “thanks for reporting that, I’ll fix it” without a root cause investigation about how it got there, especially if it gets reported to the one who put it there in the first place.