Sandboxed Google Play & NPU Question

SeaPanda117

I like Google products, which I know is close to heresy here. But hear my question out first.

I have been hearing recently about how the NPU part of the newer chips are designed to do on device processing and can be used in a way that captures private information pre-encryption, essentially rendering encryption worthless if you or the person you are messaging with are using a device where the OS can use access and use the NPU in this way. I don’t know if that’s really true, but on the surface it makes sense to me.

If someone uses GrapheneOS and logs into the sandboxed playstore I know that all those apps will intercommunicate the same way they would on Google’s Android. However, if an app like Signal is installed using obtanium or by adding the repo into F-Droid will we still be able to safely assume it is private because the Google Play Services and app are sandboxed?

I hope this makes sense, and I look forward to discussion.

de0u

SeaPanda117 If an app like Signal is installed using obtanium or by adding the repo into F-Droid will we still be able to safely assume it is private because the Google Play Services and app are sandboxed?

If Signal is installed in a user profile that contains Google Play, it can detect that Play is present and will act accordingly (e.g., it can communicate with Play about push notifications).

If Signal is installed in a user profile without Google Play, it will appear to Signal as if the device does not have Play installed.

It is not clear what is meant by "private" in the question. I suspect the Signal authors consider their app to be appropriately private when using Google Play. But various meanings might be assigned to "private".

other8026

SeaPanda117 I am asking specifically about the theory that the OS could use the NPU to grab all your conversations that you have in Signal pre-encryption. That is precisely what an NPU is designed to do, analyze what’s happening on device. This would allow the OS to analyze and (possibly) report back on what you are messaging without having to break the encryption.

In this case, the OS is GrapheneOS. The OS doesn't do this.

I'm curious where you heard of this theory. Different hardware on the device isn't "designed" to spy on people, but apps or services can use hardware to speed up processing of data they have access to I suppose, which could be a concern when giving apps access to too much (like all of the photos on the phone). Part of the point of GrapheneOS' compatibility layer is to allow us to run Google Play and the other apps as regular apps without them needing privileged access. They have access to so little, so using them is way less risky if your goal is to reduce the personal data they have access to.

SeaPanda117 If someone uses GrapheneOS and logs into the sandboxed playstore I know that all those apps will intercommunicate the same way they would on Google’s Android.

IPC only works if both apps are set up to communicate with each other. Computers are stupid and apps can't just talk to each other. Signal won't just start sending information to Google Play just because it's there. Google Play definitely can't make Signal or other apps start sharing private data.

You can consider looking into Molly, which is a fork of Signal. They have a FOSS version that you might be interested in:

To support a 100% free and auditable app, Molly comes in two flavors: one with proprietary blobs like Signal and one without. They are called Molly and Molly-FOSS, respectively. You can install the flavor of your choice at any time, and it will replace any previously installed version. The data and settings will be preserved so that you do not have to re-register.

(from their GitHub)

SeaPanda117 MS Recall

For this kind of thing to work, it would have to have very privileged access. There's nothing like this in GrapheneOS, nor can any app get the kind of access required to perform this level of spying.

SeaPanda117

de0u

In the post I did explain what I mean by private, but I may not have been clear enough. I apologize for that. I am asking specifically about the theory that the OS could use the NPU to grab all your conversations that you have in Signal pre-encryption. That is precisely what an NPU is designed to do, analyze what’s happening on device. This would allow the OS to analyze and (possibly) report back on what you are messaging without having to break the encryption. An example of this would be MS Recall in the way they originally wanted to roll it out. Yeah, you could use an encrypted app on windows but if you have an OS feature that analyzes what you do before is it still private? Not really.

Even with all that said, you inadvertently gave a valid and obvious answer to my question where I missed an obvious tree while looking at the whole forest lol. Just put Docs, Sheets, Drive, etc in another user profile!

I’m not highly educated in these areas and I’m working on rolling out self hosted services before switching to Graphene fully, so I appreciate your quick reply and patience!

p338k

SeaPanda117

Google Play Services do not have special access to Signal messages on GrapheneOS sine they are in the standard application sandbox. They are not privileged like on standard Android.

de0u

SeaPanda117 I am asking specifically about the theory that the OS could use the NPU to grab all your conversations that you have in Signal pre-encryption. That is precisely what an NPU is designed to do, analyze what’s happening on device.

Not really. What an NPU does is mostly matrix multiplication. Matrix multiplication can be used to analyze speech, or images, but without a speech analysis program or an image analysis program, nothing happens. An NPU is not an evil spirit with its own agenda spying on everything in your phone.