This may be another awful "new shiny" surveillance feature:
Is GOS aware and how will this play out in GOS devices?
Pixel 9 AI that records and transcribes calls
- Edited
GOS is based on AOSP and does not include proprietary pixel features.
DeletedUser131 GOS is based on AOSP and does not include proprietary pixel features
That go for all the AI glitzy (read surveillance) features Google is cramming the 9 with?
Posting links without specifics that address generics is only somewhat helpful.
Currently, the Pixel features the Recorder app, which transcribes recordings and has done so since at least the Pixel 4. Late last year, Google boosted the app on the Pixel 8 Pro with the addition of Gemini Nano updates. This included a summarization function that created a summary or bullet points of a transcription.
The Recorder app is already fairly robust, so the question is how the Call Notes feature will be presented? Is it an extension of the Recorder app or will it be integrated into the Phone app and part of a live recording and transcription?
It's possible Google will continue to utilize the on-device Gemini Nano to do all of the recording and transcribing for Call Notes on the phone, which could help with privacy issues.
It would be good to know if the recording feature and others is prohibited by GOS. The link addresses software, but it doesn't seem clear if this could be a hardware feature.
GeorgeSoros Posting links without specifics that address generics is only somewhat helpful.
I agree that we may be talking past each other.
It seems to me -- and this is just me, maybe nobody but me -- that you have asked several times: "How will the GrapheneOS community survive the existential threat posed by Google's upcoming Pixel 9 feature X?". "X" is different for different questions: maybe satellite communications, maybe the Recorder app.
And it seems to me that, several times, for different values of X, an answer has been presented:
- Just because the hardware on a device has the capability of doing something does not mean that the hardware can actually do that thing unless it is (extensively!) directed by software,
- Just because Google has proprietary software to make Pixel hardware do X does not mean Google will contribute that software to AOSP,
- Even if Google does contribute something dangerous to AOSP, if the GrapheneOS developers don't like it, they can remove it,
- Even if Google does contribute something dangerous to AOSP, and the GrapheneOS developers somehow decide to ship it, GrapheneOS is open source, so other people can fork it and remove the bad thing.
From that perspective, it doesn't much matter what X is, because all of the X's (a) require software, (b) that software is unlikely to be part of AOSP, (c) that software can be removed from AOSP by GrapheneOS, and (d) that software can also be removed by anybody else.
So from that perspective novel Google feature X is pretty unlikely to be an existential threat to the GrapheneOS community for the medium term, no matter what X is. Sometime down the road, hypothetically, Google could build AI agents for future hardware into future firmware that can't be removed. If that happened, the GrapheneOS community should be able to survive -- perhaps somewhat grimly -- at least until the end of firmware support for the 8a, which is likely 2031.
If X1 is extremely unlikely to pose an existential threat to the GrapheneOS community before 2031, and X2 is also extremely unlikely to pose an existential threat to the GrapheneOS community before 2031, likewise for X3 and X4 and so on, then the "generic answer" may turn out to be exactly the correct answer, and thus also "helpful".
- Edited
GeorgeSoros It would be good to know if the recording feature and others is prohibited by GOS. The link addresses software, but it doesn't seem clear if this could be a hardware feature.
These days basically all "hardware features" are implemented using software. Keyboards, mice, USB DACs, Bluetooth headsets -- all are controlled by software that controls them. Very little happens -- especially not complicated things like image recognition or voice recognition or talking to satellites -- without software.
On a smartphone, the camera does not spy on the user unless the camera app, or some other malicious software, uses the camera to spy on the user. The microphone does not spy on the user unless malicious software uses the microphone to spy on the user. The GPS hardware does not spy on the user unless malicious software collects location data from the GPS hardware and sends it to somebody.
Pixel phones contain "AI hardware", e.g., a TPU. But a TPU is not an AI. A TPU is hardware that multiplies and divides lots of numbers per second in certain patterns. If certain patterns of numbers are fed in, the result is image recognition, or voice recognition, etc. But the image recognition (or whatever) is a function of the software that picks which numbers to feed into the TPU in which pattern. The TPU itself is not an AI that is spying on users. The TPU does nothing (good or bad) without extensive direction by software.
Android phones running Google's OS have hardware support for waking up when spoken to (e.g., "Ok, Google"). But GrapheneOS ships without software to enable that function. The hardware feature is not a threat, because there is no software using that hardware.
de0u Even if Google does contribute something dangerous to AOSP, if the GrapheneOS developers don't like it, they can remove it,
Even if Google does contribute something dangerous to AOSP, and the GrapheneOS developers somehow decide to ship it, GrapheneOS is open source, so other people can fork it and remove the bad thing.
Hence vocal supporters like myself should point these potential threats out for the developers to cross check to ensure best sec and privacy optimizations.
Sometime down the road, hypothetically, Google could build AI agents for future hardware into future firmware that can't be removed. If that happened, the GrapheneOS community should be able to survive -- perhaps somewhat grimly -- at least until the end of firmware support for the 8a, which is likely 2031.
2031 picked by you because that's when the Pixel 8 ceases updates, meaning the Pixel 8 may be the last Pixel to likely not get these troublesome AI agents that can't be removed?
GeorgeSoros Hence vocal supporters like myself should point these potential threats out for the developers to cross check to ensure best sec and privacy optimizations.
Multiple community members have addressed these concerns. The GrapheneOS developers know just as well as the rest of us that adding chips to phones doesn't mean an AI is living inside. Same thing goes for adding apps to their stock OS. AOSP isn't affected and since most AI features are part of apps, interested GrapheneOS users can install those apps and they may work (or not, depending on the privileges the apps expect).
Also, as de0u has mentioned, the developers can just remove anything that may reduce privacy or security.
GeorgeSoros 2031 picked by you because that's when the Pixel 8 ceases updates, meaning the Pixel 8 may be the last Pixel to likely not get these troublesome AI agents that can't be removed?
I can't answer for de0u, but they did say "hypothetically".
other8026 since most AI features are part of apps, interested GrapheneOS users can install those apps and they may work (or not, depending on the privileges the apps expect).
This raises an important question:
How does one know if the apps they download are free of any troublesome AI components?
Does GoS restrict Meta, X or Whatsapp AI components if they are embedded in the apps themselves?
GeorgeSoros How does one know if the apps they download are free of any troublesome AI components?
Unless the application explicitly tells you, or unless you're able to examine the code properly, you can't tell.
None of my current apps use AI so I can't give a concrete example, I think it would also be better to define what you consider "troublesome"..
GeorgeSoros Does GoS restrict Meta, X or Whatsapp AI components if they are embedded in the apps themselves?
I don't know and I'm not sure I understand what you mean by "components" here, at this point it may be best not to use the application if an AI function becomes too worrying for you.
Xtreix Does GoS sandbox help at all restrict AI functions built into Wayz, Google Maps, Whatsapp, X or meta? Specifically any AI functions listed above, especially capable of secretly recording convos, and track location...
What's the best way to download/use these apps on GoS?
I'm hearing most AI comes through apps, not hardware, hence the question on how to mitigate.
GeorgeSoros
Obligatory "Apps can communicate with mutual consent (IPC)" post.
If you want to avoid apps doing this, simply isolate any suspect apps into a profile of their own, away from sensitive data. For extra measure, you could even set the profile to not run in the background if you wish, so that the profile will close and lay in encrypted state when you switch to another profile.
de0u Sometime down the road, hypothetically, Google could build AI agents for future hardware into future firmware that can't be removed. If that happened, the GrapheneOS community should be able to survive -- perhaps somewhat grimly -- at least until the end of firmware support for the 8a, which is likely 2031.
GeorgeSoros 2031 picked by you because that's when the Pixel 8 ceases updates, meaning the Pixel 8 may be the last Pixel to likely not get these troublesome AI agents that can't be removed?
The 8a has already shipped, without hypothetical mandatory AI in the firmware. It is thus highly likely that the 8a will never have hypothetical mandatory AI in firmware.
To be clear, there is no indication that the 9 series, or 10 series, etc., will have AI in firmware at all. And there are technical reasons why this is not likely to happen.
So I am absolutely not predicting that the 8a is the last anything, or the 9 series is the first anything. There is no reason at present to expect, or even suspect, that.
GeorgeSoros Does GoS sandbox help at all restrict AI functions built into Wayz, Google Maps, Whatsapp, X or meta? Specifically any AI functions listed above, especially capable of secretly recording convos, and track location...
Location tracking is not an AI function. GrapheneOS already allows control over app access to location data.
Recording conversations is not an AI function. GrapheneOS already allows control over access to the microphone.
If an app is granted access to location data or access to the microphone, it is somewhere between difficult and impossible to monitor or control what the app does with the data. This is a big reason to prefer open-source and/or nonprofit apps.
de0u If an app is granted access to location data or access to the microphone, it is somewhere between difficult and impossible to monitor or control what the app does with the data. This is a big reason to prefer open-source and/or nonprofit apps.
So there's no privacy enhanced way to use meta, x, wayz and email apps with GoS...in other words GoS adds no additional privacy/security protection with these apps than stock Android already does if the app settings are the same?
Goal is to use meta, x and other normal apps but hopefully with far more privacy protection than using them on stock Android.
To that end any suggestions on how to go about that are appreciated.
Such as sideloading apps, if that helps, or anything else people recommend...
GeorgeSoros So there's no privacy enhanced way to use meta, x, wayz and email apps with GoS...in other words GoS adds no additional privacy/security protection with these apps than stock Android already does if the app settings are the same?
The fundamental operation of Facebook is that you provide behavioral data (what you view, what you share, what you post) and they sell things based on your behavior.
There is no technological trick that lets you give a web site behavioral data tied to your identity but then stop them from making decisions about you based on the data you provide.
Even if you take measures to conceal your identity, a big company with extensive behavioral data and computational ability may be able figure out who you are. If there is somebody named "Alice Smith" in Minnetonka who watches lots of videos about homemade chocolate on an iPhone, and then that account vanishes and suddenly there is an account called "George Soros" on a Pixel running GrapheneOS, who watches lots of videos about homemade chocolate, connecting from a VPN server in Bavaria, but at the same times of day as Alice from Minnetonka used to... FB may just conclude the two accounts are the same person. FB is in the behavior business. Which OS you run is not something they care a lot about.
GrapheneOS does add lots of security. But since it does not stop you from providing behavioral data to a web site you voluntarily interact with, it can't provide a magic privacy shield.