On installed app I see this package:
com.android.server.deviceconfig.resources

Following Google:
https://support.google.com/android/answer/9021432?hl=en

The Android Device Configuration Service periodically sends data from Android devices to Google. This data helps Google ensure that your device remains up-to-date and is working as well as possible.

Categories of collected data
Here are some examples of the data collected through the Android Device Configuration Service and what we use them for:

Category
Examples of data
How Google uses the data
Device & account identifiers
IMEI, MEID, and ESN numbers
Device serial number
Google Services Framework Android ID (or "Android ID") Note: This is different than the Settings Secure Android ID.
Google Account (when it's activated)*
MAC addresses
To protect your account, we use device identifiers to help us detect suspicious sign-in behavior.
Device attributes
Hardware type
Product
Model
Manufacturer
Supported native platforms / CPU types
Keyboard, navigation, & screen layout types
Screen size (height & width in pixels)
Total memory
Locale
Time zone
Google Play may use attributes like screen layout to ensure you're offered compatible software versions.
System & security software versions
OS build string (also known as OS build fingerprint )
OS build timestamp
Android version
Google Services version
The security patch level on your device is used to determine if you need an update.
Network connectivity & performance
SIM & mobile operators
IP address
SIM subscription data (SIM operator MCC/MNC, carrier name, roaming state, defaults roles for the SIM, truncated IMSI with last 5 digits rounded down, Group ID Level 1)
Timestamps for the last 50 configuration connections to the Android Device Configuration Service & the build information for the last 10 connections with build changes
Timestamps & HTTP response codes for the last 10 configuration connections that failed
We use anonymized data about how devices connect to mobile networks to optimize the trade off between maintaining connectivity and preserving battery life.

    No. It's not spyware. It's part of AOSP. As stated on its website, GrapheneOS is a private and secure mobile operating system with great functionality and usability. It starts from the strong baseline of the Android Open Source Project (AOSP) and takes great care to avoid increasing attack surface or hurting the strong security model. The developers wouldn't include anything nefarious...

    • [deleted]

    If it helps, the size of the app is exactly 0B. That is a lot of code!

    I couldn't find any correlation between your linked article and the actual source of this service:

    https://android.googlesource.com/platform/frameworks/base.git/+/master/services/java/com/android/server/SystemServer.java
    https://android.googlesource.com/platform/frameworks/base/+/master/services/core/java/com/android/server/display/DisplayDeviceConfig.java

    There are no network or hardware identifiers collected in those java files as well, and stock AOSP for sure doesn't
    send them to Google. What you linked to is part of MDM:
    https://www.airdroid.com/mdm/android-device-configuration-service/

      leafnose
      My reply wasn't to you, it was meant for @AdabAska and the link he posted.

      The 'com.android.server.deviceconfig.resources' service is part of AOSP and is pretty
      benign, there is nothing in the source that can indicate something being sent to Google.
      This is the "systemd" of Android:
      https://stackoverflow.com/questions/34651015/what-is-systemserver-for-android

      I think OP mixed between MDM and a similar privileged app name in the list.