... Have you tried just using amazon on vanadium?

Also, if you are using amazon, I would hope you are also doing something to keep it from knowing where you live just by virtue of having stuff delivered to you. You are clearly serious, I just wanted to point that out just in case.

    DownWithBaradDur

    You paid with a credit card probably for the phone.

    The credit card sold your name to the store. The store sold that information which included the serial number to a data broker. The data broker also bought phone identifier information from Google. These were sold to Amazon. You are using an App, it accessed the identifiers, and so it knew it was you.

    Places like Target also use AI to track shoppers and so if you purchased there with cash your name could be linked to serial # of phone.

    There are also cross-profile identifiers like Widevine identifiers, so if another profile has an app that got real information and knew it was you, then they can identify you in the new profile.

      • [deleted]

      angela when not in airplane mode your radio is still active and device still connects to nearest cell towers.

      GlytchMeister Hi @fid02, @Dumdum, @PaulDavis @angela @[deleted] @secrec @Dumdumdingdong @Xtreix @matchboxbananasynergy @Michiel

      Thank you all for being so attentive.

      I'll try to reply to a few points that have been made.

      @GlytchMeister I don't actually want to use Amazon Shopping on high security setups, this behavior is something I observed on 2 other devices without graphene on it, what I wanted to do was to test it on graphene by downloading the app to make sure this wouldn't persist, but it did. Other apps are important for this setup that could potentially do the same thing, so I want to rule out that vulnerability.
      As I mentioned earlier, I did try amazon on vanadium which of course works on containing access for amazon to more data, and this would seem to fix the issue. All apps that can be used on Vanadium I use in Vanadium for this reason, however this doesn't address the problem, the fact that any app can correctly guess or know your location and who knows what else under conditions that shouldn't give it more access than a mere internet connection; it clearly has access to more.

      @matchboxbananasynergy The only permission I give the Amazon Shopping app is Network; in this case, it's the only one necessary to be able to use the app since it needs internet access. If I remove all permissions, the app doesn't work at all, it either crashes or it shows an error screen that doesn't tell me anything about what the app still knows, which wouldn't be that important under those conditions I think.
      Graphene has this great feature on showing app logs, what I'm going to do next in a few minutes is show you the crash logs when all permissions are removed, I found them very descriptive of what the app is trying to access and that should probably say something.

      @fid02 I did uninstall and reinstall on new profiles after having made changes to the devices timezone but the app still correctly guesses my location. I'm replying to this before checking your links which I will do next, however it might still be necessary to address the issue in different ways since I am not using SIM cards.

      angela I did pay with a credit card, the possibility you present sounds very extreme and too specific, which makes it all the more important to point out if all that tracking is being done just as you purchase a phone, because this could also imply device tampering, which would be all the more horrifying. However I need to rule out much more direct and civilized ways to track me first, Amazon in particular has no business at all guessing my location with so much power.
      Indeed there shouldn't be a country code without a SIM in it. Upon further analysis however, I would also be able to make sure an app can't access that information even with a SIM card on it. However I'm not testing with SIM cards installed at the moment, so I will leave that as a next step.

      Xtreix timezone was changed, network country code was sort of ruled out since I'm not using SIM, so I still need to find a different identifier and make sure that at the very least it isn't too revealing.

      I may check if there's anything about my router that could tell something, however my router setup is already pretty specific and I don't anticipate for that to reveal a lot, who knows tho.

      I would like to invite others to replicate these conditions, particularly if they're outside the US which I'm just guessing would make any guesses from the app more evident, and see if the issue is present.
      Basically it is: No sim card, Mullvad or IVPN in very extensive configurations: relaying ipv6, lockdown mode, etc etc. Removing all permissions except for internet access, everything in a profile dedicated to just test the Amazon Shopping app, and then just about any variable you can remove.
      This is something I observed across different restrictive setups and devices but I found it extraordinary to still happen on a graphene phone.

      I will be pasting the apps logs in my next reply, thank you all again.

        angela Because SIM cards are just authentication tokens, basically. It's proving that you paid your bill, and that you can connect to certain cellular networks. Even without a sim card, you can connect to cell towers. This is why emergency services work without a SIM card. I don't know for certain, but I would guess that your country code can be determined in this way, even without a SIM card present.

          companies are getting better at identifying users by network characteristics. it could be something amazon does.

          DownWithBaradDur I am not using SIM cards

          DownWithBaradDur Indeed there shouldn't be a country code without a SIM in it.

          DownWithBaradDur Basically it is: No sim card, Mullvad or IVPN in very extensive configurations: relaying ipv6, lockdown mode, etc etc.

          Can you specify, did you have airplane mode enabled prior to installing the app?

          gravity-reprint Even without a sim card, you can connect to cell towers.

          matchboxbananasynergy If they're not using airplane mode, the app can receive a country code even without a SIM.

          Apps can get your network country code if you have not disabled cellular via airplane mode or if you were to have one inserted or eSIM enabled (thanks de0u and @DeletedUser115)

            IcyScroll gravity-reprint @angela @[deleted] @Dumdum @de0u @doct0rX @docsbibs92 @Dobroslav @dockcom @GlytchMeister @gravity-reprint @Xtreix @matchboxbananasynergy @Michiel

            Before I read them myself in detail I will copy and paste the app logs for you.
            The app crashes when no permissions are given to it, and these are the logs before the crash:

            type: crash
            osVersion: google/cheetah/cheetah:14/AP2A.240905.003/2024090400:user/release-keys
            package: com.amazon.mShop.android.shopping:1241279016
            process: com.amazon.mShop.android.shopping
            processUptime: 1128 + 255 ms
            installer: com.apkmirror.helper.prod
            
            java.lang.NullPointerException: Attempt to invoke interface method 'boolean java.util.Enumeration.hasMoreElements()' on a null object reference
            	at java.util.Collections.list(Collections.java:5791)
            	at com.amazon.mShop.error.NetworkManager.getIPAddress(NetworkManager.java:136)
            	at com.amazon.mShop.error.NetworkManager.getCurrentNetwork(NetworkManager.java:69)
            	at com.amazon.mShop.error.DeviceInfoProvider.initializeNetwork(DeviceInfoProvider.java:117)
            	at com.amazon.mShop.error.DeviceInfoProvider.initialize(DeviceInfoProvider.java:56)
            	at com.amazon.mobile.error.log.EnvInfoProviderInitializer.initialize(EnvInfoProviderInitializer.java:75)
            	at com.amazon.mobile.error.log.EnvInfoProviderInitializer.initialize(EnvInfoProviderInitializer.java:95)
            	at com.amazon.mobile.error.log.AppErrorDescriptor.backfillEnvInfoFields(AppErrorDescriptor.java:240)
            	at com.amazon.mobile.error.log.AppErrorLogHandler.log(AppErrorLogHandler.java:117)
            	at com.amazon.mShop.web.MShopWebViewClient.showErrorPage(MShopWebViewClient.java:394)
            	at com.amazon.mShop.web.MShopWebViewClient.onReceivedError(MShopWebViewClient.java:638)
            	at com.amazon.mShop.web.MShopWebViewClient.onReceivedError(MShopWebViewClient.java:724)
            	at com.amazon.mShop.web.MShopWebViewClient.onReceivedError(MShopWebViewClient.java:696)
            	at WV.XB.e(chromium-TrichromeWebView6432.apk-stable-661312733:70)
            	at WV.Q5.handleMessage(chromium-TrichromeWebView6432.apk-stable-661312733:406)
            	at android.os.Handler.dispatchMessage(Handler.java:107)
            	at android.os.Looper.loopOnce(Looper.java:232)
            	at android.os.Looper.loop(Looper.java:317)
            	at android.app.ActivityThread.main(ActivityThread.java:8623)
            	at java.lang.reflect.Method.invoke(Native Method)
            	at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:580)
            	at com.android.internal.os.ExecInit.main(ExecInit.java:50)
            	at com.android.internal.os.RuntimeInit.nativeFinishInit(Native Method)
            	at com.android.internal.os.RuntimeInit.main(RuntimeInit.java:369)

            And the next are the logs after:

            1. Installing with no network permission.
            2. Disabling permission to Sensors (which are granted by default, at this point the logs are still pretty much empty).
            3. Enabling network permission, making it the only permission left.
            4. Opening the app. The app switches to my country specifics and language.
            5. Closing the app and disabling it.
            6. Copying the logs.

            In the logs, you can see the first line I found where the real country is mentioned. I took my time to pseudonymize all country code and country code specifics like language to Mexico (mx):

            CountryDetector: Getting network based country iso: mx

            Then there are several other lines setting up country and language on the app, you can find them by searching "mx" on the file.
            Here are the full logs:
            https://drive.proton.me/urls/DR50KXP204#zLD9WXupyhIx

            I think android developers would be able to draw very deterministic details about this. Keep in mind it'd be ideal to have ways to block whatever attribute the app is drawing or to at least be able to mock it.
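Added example, not part of the original posts: a Python sketch that reads the crash report and the `CountryDetector` line quoted in the post above, listing which of the app's own frames were on the call path when it crashed and which log tag reported a country code. The sample text is copied from the post (stack trace shortened); the function names and the second log line are constructed for illustration.

```python
import re

# Crash report text copied from the post above (header and stack trace shortened).
CRASH_REPORT = """\
type: crash
package: com.amazon.mShop.android.shopping:1241279016
process: com.amazon.mShop.android.shopping
installer: com.apkmirror.helper.prod

java.lang.NullPointerException: Attempt to invoke interface method 'boolean java.util.Enumeration.hasMoreElements()' on a null object reference
\tat java.util.Collections.list(Collections.java:5791)
\tat com.amazon.mShop.error.NetworkManager.getIPAddress(NetworkManager.java:136)
\tat com.amazon.mShop.error.NetworkManager.getCurrentNetwork(NetworkManager.java:69)
\tat com.amazon.mShop.error.DeviceInfoProvider.initializeNetwork(DeviceInfoProvider.java:117)
\tat com.amazon.mobile.error.log.AppErrorLogHandler.log(AppErrorLogHandler.java:117)
\tat com.amazon.mShop.web.MShopWebViewClient.onReceivedError(MShopWebViewClient.java:638)
"""
LOG_LINES = [
    "CountryDetector: Getting network based country iso: mx",  # from the post
    "ExampleTag: unrelated line",  # constructed for this example
]

FRAME = re.compile(r"^\s*at ([\w.$]+)\.([\w$<>]+)\(([^)]*)\)$")
COUNTRY = re.compile(r"^(\w+): .*\bcountry iso: ([a-z]{2})\b", re.I)

def parse_report(text):
    """Split a crash report into header fields, exception class and frames."""
    header, frames, exception = {}, [], None
    for line in text.splitlines():
        m = FRAME.match(line)
        if m:
            frames.append((m.group(1), m.group(2)))
        elif exception is None and re.match(r"^[\w.$]+(Exception|Error)\b", line):
            exception = line.split(":", 1)[0]
        elif exception is None and ": " in line:
            key, value = line.split(": ", 1)
            header[key] = value
    return header, exception, frames

def app_frames(text):
    """Frames under the first two segments of the crashing package (com.amazon.)."""
    header, _, frames = parse_report(text)
    vendor = ".".join(header["package"].split(".")[:2]) + "."
    return [f"{c.rsplit('.', 1)[-1]}.{m}" for c, m in frames if c.startswith(vendor)]

def country_sources(lines):
    """(tag, iso) for each log line that states a country ISO code."""
    return [(m.group(1), m.group(2).lower()) for m in map(COUNTRY.match, lines) if m]
```
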

            IcyScroll Installing and opening in airplane mode gives slightly different results. Most of the app is first in English and not on the real country's language, except for one button.
            The sign in button is defaulted to the real country's language and to the real country's website.
            If you proceed without sign in, they still redirect you to your real location's website, even without internet since it's on airplane mode.

            I posted the logs above which should be a lot more revealing.

              DownWithBaradDur If you proceed without sign in, they still redirect you to your real location's website, even without internet since it's on airplane mode.

              Did you try with airplane mode on while connected to WiFi? That was matchboxbananasynergy's suggestion.

                DownWithBaradDur

                Activating airplane mode will fully disable the cellular radio transmit and receive capabilities, which will prevent your phone from being reached from the cellular network and stop your carrier (and anyone impersonating them to you) from tracking the device via the cellular radio. The baseband implements other functionality such as Wi-Fi and GPS functionality, but each of these components is separately sandboxed on the baseband and independent of each other. Enabling airplane mode disables the cellular radio, but Wi-Fi can be re-enabled and used without activating the cellular radio again. This allows using the device as a Wi-Fi only device.

                https://grapheneos.org/faq#cellular-tracking

                Hi community, it's been about a day I wanted to remind the community in case anyone else has some knowledge of android or the OS's development to interpret the logs.

                I have some degree of understanding of what's going on but I'm not specifically an android developer. The situation on my side is even more critical now personally and I really want to be extremely thorough in my setups before I move on to other steps.

                Is there any way to get to the right people to interpret what we've been able to observe so far?

                Thanks everyone.

                  Hi community I thought I had replied.
                  It's been about a day I wanted to remind the community in case anyone else has some knowledge of android or the OS's development to interpret the logs.

                  I have some degree of understanding and awareness of what's going on but I'm not specifically an android developer. I also don't want to take this to other forums because this could be an important security issue and I need better awareness before doing that, usually security bugs and flaws must be addressed with discretion and since this is something any other app can do I want to bring awareness to it in a responsible way.
                  The situation on my side is even more critical now personally and there's a lot of fear locally towards the recent and ever more unscrupulous tactics of government, I really want to be extremely thorough in my setups before I move on to other steps since we have 2 acquainted dissident politicians who were tracked down and disappeared by authorities just yesterday to avoid them from reaching congress, I'm not sure we'll see them again.
                  Rest assured I can understand technicalities and implement them being part of the profession but I want to be guided not only to be time efficient but to be methodic bringing in the observations of more specialized people in the mobile OS subject and making sure more competent people have awareness.

                  Is there any way to get to the right people to interpret what we've been able to observe so far?

                  Thanks everyone.

                    DownWithBaradDur Did you try setting the phone in airplane mode and then enable WiFi? That is the suggested solution to the concern that you raised in your first post in this thread. Are you willing to try the suggested solution and report back?