Updated: April 23, 2025
Around mid-February, I went to my local electronics store. My intention was to buy a Pixel 8/9 phone. The reasons were, I had heard mostly good things about the devices. When I (wrongly) chose to buy my smartphone in late 2023, one ultra-annoying Samsung A54, the two other devices on my consideration list were the Pixel and the Fairphone, and perhaps, to some extent, maybe the iPhone, primarily because of the promise of long-term support and patching. Then, recently, I began warming up to the idea of testing GrapheneOS, and that one is designed for Pixels.
I didn't buy the phone, because the store didn't have any in their warehouse, so it was a question of going onto their website and buying there, or going into the store at a later date. I sort of let it simmer for a few weeks, and then I encountered SafetyCore. This rude, unwelcome surprise suddenly made me question whether I ought to get the Pixel, at all. And in turn, this conundrum spurred the writing of this article.
Google's security track record
By and large, I don't like most Google's products. But they have done a few things really well. One, search, which was stellar for so many years, and then, they sort of ruined it lately. Two, Gmail. For a long time, it used to be the best webmail around, hands down. But then, Google somewhat ruined it, adding and removing features, but not in a good way. They also removed the lightweight, pure HTML version that used to work without Javascript. Three, security. Overall, Google does security better than most companies. Well, I guess they do understand the critical importance of protecting data, as that's their bread and butter.
Security is the focus of a number of initiatives that Google has been pushing lately. They want to make Android and Gmail more robust. What I don't like, and don't approve of, is the bundling of non-security features with the really nice and welcome security hardening tools.
Take 2FA, for instance. Google wants to drop SMS, because "it's insecure", and replace it with QR codes. Well, I could sort of agree with the first option, but the second? QR codes? What. QR codes are probably the most opaque method of information access that I can possibly think of.
Then, Google always says things ought to be modular, so that they can implement the concept of least permissions. This is even stated on their SafetyCore page, which is why they "shipped" it as a separate package (albeit without really asking people if they want this installed, which we will get to shortly). But then, the modularity principle does not align with something like this:
Bundling camera permission for Play Store services and Google Authenticator sounds like a contradiction of the principle stated above. Similarly, having SafetyCore offer protection from spam, phishing, malicious messages and alike is a fantastic thing. Having it also act as a "nudity nanny" undermines the entire concept.
And this is the funny thing. Until the SafetyCore "incident" so to speak, I wasn't really thinking much about Google Play and its services. I largely considered it an app store, for better or worse. Like any store, it's inundated with dross, but you can still find a couple of nuggets of value here and there. I didn't think anything ill of the automatic app updates or the Play Protect scan. I didn't bother sideloading any APK onto my phone, as the store was sufficient for what I needed.
Now, though, I have suddenly developed this whole new level of suspicion.
For one, I have toggled off automatic updates for apps, both on mobile and Wi-Fi networks. Google Play tells me how I could "lose my legal rights" if I use out-of-date software. Sorry, pals, that's not how it works. My legal rights are enshrined in the LAW of the country I live in. That sentence right there, that legalese, just alienates users, makes people even more suspicious. That sentence is the embodiment of the worst weasely characteristics of humanity. Perhaps it satisfies some regulatory checkbox for Google, but it breeds resentment among the users.
All of this ... It just reduces trust. And keeps reducing it.
I am also thinking whether to keep Play Protect active. Then, I'm thinking about the upcoming changes in the Play Integrity API. The integrations will harden the system, and make it less susceptible to malicious apps, especially side-loaded packages. On one hand, amazing, fantastic, fabulous. On the other, well ...
With my trust now eroded, I can't not think this may also restrict my ability to do things my way. The whole point of Android is its somewhat Wild West nature. In other words, apps may no longer run or "wish" to run if they detect certain changed to the underlying system that they deem undesirable, like say custom ROM or alike. This is okay, if you're 100% happy with being "locked" into Google's ecosystem, and using only applications installed from the Play Store. This may be tricky if you don't really want to use Play services so much. Or exclusively.
If you trust Google, you need not worry, right. Indeed, my paranoia levels were mild until the SafetyCore story. This completely changed my perception of the Android ecosystem. Now, I view a lot of the hardened, restrictive options as user-limiting. Suspicion has settled in, and it refuses to go away.
I'm now envisioning a scenario where you are 100% locked into the system, you can't really do much or anything outside of the official store, and lots of toggles and features will become mandatory, and you won't be able to uninstall them, or disable them, or both. You could ask, why would you. The answer is, why not. Humans have the right to privacy. Innocent until proven guilty.
More on this soon. Now ...
Google knows security. They really do. But then, I wonder why Android doesn't have its Lockdown Mode equivalent. On the same note, I wonder why the Lockdown Mode isn't the default setting in the iOS. There are so many ways the mobile computing can be more secure, without greatly harming functionality. At least what I consider functionality. For example, the loss of social media or ads or Bluetooth sensors would not bother me in the slightest. But I know I represent a tiny, tiny fragment of the population who considers their phones as secondary devices, and doesn't do much or anything important on them.
I am also aware that Google is trying to balance its profits with security. The problem is that this is always inherently a biased equation. Just to give you a few examples. Ads waste battery, they have been used to serve malicious content. Images embedded in email messages have been used as trackers. Removing these would instantly make things better. But then, people wouldn't be "enticed" to click on their emails, or interact with the system, or whatever. After all, impulsive buying in one of the major economic movers. Companies are making money off the fact most parents are really bad at their job and don't teach their offspring how to delay gratification, probably the most important emotional response in the world.
If someone asked me to design a phone setup, it would include the following options:
Plain-text email, no remote fonts, zero permissions by default (including networking) and strict prompts for required resources, no tracking of any kind whatsoever, no ability for people not in your contacts to send you links, images or attachments, separate sandbox processing for images, audio, video, attachments, and other media included in any message. This would be Lockdown Mode and then some.
The problem with what I suggest is that it would reduce "interaction" with the device, make people less dependent on the ecosystem, less likely to succumb to their impulses, less likely to spend money. This is not profitable, and so, the entire security model is so complex, because it tries to reconcile practices that are definitely anti-security.
For this reason, you pay premium for the iPhone, because part of this "price" is included, so you're less exposed to nonsense. In a way, this isn't a bad compromise. But it also implies you need to be rich and have enough money to buy expensive hardware. If you don't, then the whole thing devolves into an ad circus.
And you're supposed to jump when the circus master cracks their whip.Action, reaction
Over the years, time and time again, I've noticed the exact same trend, in every situation of this kind:
- A company rolls out a feature that I normally wouldn't mind, or might even WANT to use.
- However, because they push it out without consent, I now don't want to use it out of principle.
- Also, if they push it without giving me an option to disable it, I now don't want to use it out of principle.
Microsoft Defender anti-virus is a great example. It used to be optional. You could turn it on, off, no biggie. Then, Microsoft made it automatic. Still, you could disable the services. Then, they made the services almost impossible to turn off, and added extra checks to turn them on. I ended up even deleting entire Defender folders from the Linux live session, just to get rid of this thing. And of course, this also means I don't want to use BitLocker encryption, because that will prevent me from being able to log into a Linux live session, and remove Defender folders from the system.
You see, if Microsoft let me choose whether to use Defender or not normally, I would probably let it be, and I might even use their encryption. But now, it's a double no. I will do everything in my power not to use either one of these. In the end, they will lose a long-time customer. Over trifles.
This type of language aggravates me - because it portrays a loyal, smart user as an unruly idiot.
The same goes for Microsoft Account, and the mandatory setup during the login. I actually used an account in Windows 8 and early Windows 10 days. I used one for testing, for cloud stuff, exploration. I didn't mind it until Microsoft tightened the idiocracy screws. It's not about technology. In a way, I wouldn't really mind if Microsoft used my data. And I didn't! After all I used Lumia phones for years, from sweet 520 to awesome 950. Online stuff, no issue. Then, they became greedy and began treating me as an idiot. It's about respecting me as a human. And that triggers mistrust.
No, I don't want to "Connect now". Enhanced features like what ... profiling?
But power and control are so addictive. Ah!
In particular, during the pandemic, the big companies have all notched it to eleven, to an obsessive level. Now, they cannot get past themselves, they can't relinquish control. The sad part is they don't understand this is counterproductive. Long term, if you alienate all your users, they won't come back. There will be a critical tipping point sometime in the future. Maybe in a year, maybe five.
Back to Google ... You see, now I'm actually going to say NO to useful, practical improvements in system security, because my trust is no longer where it was, and because I refuse to be TOLD what to do, and not being given a choice to do something else. It's all one toggle away. Just one tiny toggle. Even if it's only an illusion of control, it still separates one from being a penned animal.
Let me explain this very bluntly: Someone pushes you into a room. They close the door. In one scenario, they give you a key to the door. You can leave any time you want. You're a guest. In the other, they don't give you the key. Now, you're a prisoner.
See the difference?
From devices to humans
Funnily, enough, this also applies to things like workplace surveillance. The reasons why companies would ever want to use something like this are: 1) clueless busybody managers need to justify their unwarranted self-importance 2) the managers want to "catch" the 5% "bad apples" that really abuse work conditions.
The outcome is hilarious. First, it's the managers' job to know what their people are doing. If they are unable to do this one job, they shouldn't be managers. Second, 95% honest employees look at the surveillance methods with skepticism and anger, and think: "wow, they consider us all criminals". So now, they will all act as criminals. People always, always behave how you treat them (except for a few opportunistic sycophants, that is). If only mid-management read a few books on basic human psychology. If only.
Now, 95% of people are busy finding ways to trick the stupid, invasive system. And no one is as creative as an employee who wants to LOOK busy. The same can be said of any pointless productivity metric for office workers. You want more tickets resolved? You WILL get more tickets resolved. You want more bugs in software squashed? No problem, people will write buggy code. You want people to be at their desk? They will be at their desk, obstinately so. This is like communal farms yield quotas, techbro style. Congratulations.
Back to devices ...
There are "choices" out there
You could always say, don't trust a company, don't use their products. Sure, so what does one do if they don't trust either Google or Apple? What smartphone are they going to use? What if their bank mandates some stupid app that only exists in the stores of the two ecosystems, Android and iOS? What then?
But let's assume for a second that Apple does things slightly differently. This is sort of true, and not true. Perhaps they have a more private stance, but they still have tons of annoying things in their ecosystems, including limiting choices that are "best for you". You're still an idiot, albeit a rich idiot.
For example, in Android, you can choose an MP3 song for your ringtone, easily. Or use the three-button nav bar instead of stupid gestures. Or simply copy files to and fro. On the iPhone, it took me years of fiddling until I finally found a way to load my own, offline music onto the device, first via VLC and then KDE Connect. Maybe these aren't critical security-related things, but they still represent scenarios where you are in a room, and you don't have the keys to the door. These limiting factors ain't good.
In many ways, what people choose to use is heavily influenced by what they choose not to use. You could say that some choices are simply anti-choices, a reactionary response. If I think about it, Microsoft is going to push me toward Mac, and Google's treatment of the Android is going to, at the very least push me away from the Pixel phone, seems like (unless I really decide to get one just to play with GrapheneOS), or even toward the iOS. Not something that I want, but something that may inevitably happen.
Another way of doing thing is to segregate everything, manually. A phone just to do one type of activity. A second phone to do something else. If it's something like banking, okay, then you get one of the more serious brands. For the rest, a couple of cheap devices would do. Virtual machines for Windows stuff. Go away from one-in-all mentality to as many ones as possible. A return to the pre-2000 computing.
Conclusion
It is so sad, so tragic that short-term greed guides so many business decisions. Why not go for the long-term greed. A happy customer is a loyal customer. That's what the sales people always prat about: recurring revenue. Well, someone who buys your stuff again and again meets that definition spot on. Perhaps the cycle is a bit longer, but it's exactly that. And people will be happy and loyal when they feel valued, and when they can trust the other party. That implies a sense of control, a modicum of dignity (privacy), and consent. All it takes is a bit of transparency, a little bit more reticence on behalf of these big companies in trying to assert their utter dominance over the world. But yeah, competing, conflicting concepts, I know.
And so, much as Microsoft alienated me with its choices, Google is now doing the same on the Android. Together, they are the best salesfolks for Apple. I never thought I'd ever consider Apple products for myself, but here I am, a peasant dreaming of luxury. I know it's all one giant illusion, one giant Stockholm Syndrome, all of it, but at least I can pretend to have control of some kind.
Can the trust ever be restored? I don't know. I'm not sure. For me, most of the time, once that threshold is crossed, there's no going back really. When it comes to Android, the freshest example in my mind right now, Google has done a lot of decent choices with the operating system security. Some of the upcoming changes are truly welcome. If only someone asked me rather than force them onto me without any regard to my desires. What a difference that would make! Well, back to my tinfoil.
P.S. The index page article teaser thumbnail (of Ivan Pavlov, yes that Pavlov) is in the public domain.
Cheers.