If I correctly understand Google's overly-complex privacy UI, people can disable the storing of their interactions with the "traditional" Google Assistant. Google will reportedly be phasing out Google Assistant during 2025 and is replacing it with Google Gemini Assistant. According to this Google support page , it appears that there is no way to prevent Google from storing (and reading) everything you say to their "improved" assistant: > **Even when Gemini Apps Activity is off**, your conversations will be saved with your account for up to 72 hours to allow Google to provide the service and process any feedback. This activity won’t appear in your Gemini Apps Activity. Google says all your conversations with their Gemini Assistant will be saved "with your account", but I'm not seeing them disclose ***where exactly*** all your conversations will be saved. Nor does Google mention any way to manually delete sensitive conversations or accidental recordings that Google makes when it mistakenly thinks people are talking to their AI bot. Am I interpreting Google's words and actions correctly? **Is Google's new Gemini Assistant much less private than the product it is replacing, given that Gemini Assistant *always* saves every conversation you have with it for up to 72 hours?**

I use Linux for half a decade now, so I am not used to dealing with viruses anymore. To my surprise, I saw some discussion about antiviruses in Android. I haven't installed any yet, but this bugs me: are they really necessary? Are there (or were) any known viruses in the market? Doesn't Google runs an antivirus before allowing an app to the market? I haven't had any problem in one year of Android, but my cell phone has a lot of important information, and I wouldn't like to be surprised with some virus cleaning my phone, or making international calls while I sleep, or whatsoever. Should I install an antivirus?

I would like to know whether on an Android device it is possible to: 1. Log the date and time of every time a password is entered on my Android phone (this security measure would mean that if someone in my home sees me enter a password without me noticing it, and then uses it to log into my phone, I would then be able to see whether this happened or not to take care of my suspicion). 2. As an extra step, I would like to log all activity once the login screen is bypassed as well (for instance the date an time and application name for each time an application is opened. This is because, while my phone is password protected, once I make the screen go blank by pressing the hardware button on the right, some time goes by until a password is required: I have things set up this way so that I don't have to enter the password just so often). So, is there a way to log all user activity when the lock screen has been bypassed as well? The device I have is a Samsung Galaxy SIII Neo running Android KitKat 4.4.2. The device has been rooted. Thanks!!!

I often receive the following error message when attempting to perform Android security updates: > There was a network error while downloading the update. Please try again later or connect to a different network. In researching this error message, it is apparent that many other people have been reporting the same issue for years: - Update cannot be downloaded on specific networks : GooglePixel https://old.reddit.com/r/GooglePixel/comments/10whijh/update_cannot_be_downloaded_on_specific_networks/ - Not able to update to android 15. Shows error in network while downloading although connected to WiFi - Google Pixel Community https://support.google.com/pixelphone/thread/322921191/not-able-to-update-to-android-15-shows-error-in-network-while-downloading-although-connected-towifi - Pixel 7 System Update Fails : GooglePixel https://old.reddit.com/r/GooglePixel/comments/ycejcz/pixel_7_system_update_fails/ - There was a network error while downloading the update. Please try again later or connect to a diffe - Google Pixel Community https://support.google.com/pixelphone/thread/205161477/there-was-a-network-error-while-downloading-the-update-please-try-again-later-or-connect-to-a-diffe Over the years, people have offered "magical" solutions, such as toggling WiFi on and off, which likely has nothing to do with the real issue. Yet some do claim that such actions have temporarily fixed the issue (not myself, though). What's even more odd is that those reporters have not indicated they made any additional changes. In Google's latest Android version, Android 16, this issue is still present. Ironically, the issue seems to be most prevalent on Google's own Pixel devices. Does anyone know what is causing this bug and how to actually fix it? Update --- A couple of our community members asked some good questions... here are the answers: - The issue occurs regardless of whether WiFi or carrier data is used. - I've seen the issue occur on many Google Pixel devices, starting with the Pixel 4. Online reports indicate it was present going back to at least the Pixel 2. I've seen this issue on several Samsung devices as well, although online reports of this issue tend to mention the Pixel devices more often than Samsung devices. - Regarding proxies, VPNs, or blocked ports/servers, I need to investigate further. It definitely happens on a wide range of devices and on a wide range of networks, but perhaps there is a common element that I can discover.

I recently decided to enhance my online security by changing all my passwords and activating Two-Factor authentication for most of the services I use. I updated my passwords in Google Password Manager and enabled on-device encryption. After updating my Google Account password, I was automatically logged out of all my devices. However, when I tried to access my passwords in Google Password Manager, I received a message saying that I couldn't access my encrypted data on the device I was using. The message suggested that I should try using a device that I recently used to sign in to my Google account: > for security, you can no longer access your encrypted data on this device. try again using a device that you’ve recently used to sign in to your google account. What I have tried: 1. Checked the Web & App Activities settings on your Google Account and turned it Off and then On again. 2. Checked the cookies settings on your browser. 3. Confirmed that Sync is not paused in Google Chrome. 4. Cleared data in Google Chrome and turned Sync off, signed back in, and turned Sync on again. 5. Checked the Device Activity page on your Google Account and confirmed that Sync is On and not paused on the devices you recently signed out of. 6. Restarted my device and waited for bookmarks and passwords to load. Despite trying these steps,I still cannot access my encrypted data on the device I am using, and I am looking for further help.

I have a pixel 9 Pro and I got a replacement for some hardware issues recently. I'm trying to copy all settings over and I noticed that advanced protection (under security and privacy) is not available on the new phone. Both phones are the same model and have been updated to the same OS, security patch, and play services version. I cannot figure out why the seeing isn't available on the new phone. Does anyone know what I can check?

Is there a way to lock access to the settings app on a Samsung Galaxy. I have a Samsung Galaxy S22 5G. I want to know if there's a way to lock access to the settings on it.

As this post explains, Google has simply forbidden executables in writable app home directories from Android 10, making termux not working any more on Android 10. However, I have multiple machines with much higher android versions and Termux runs in them without any problem. On my only Android 10 phone (motorola moto e7), it does not (playstore says it is incompatible; f-droid version stops with cryptic error message). What is going on? Can I somehow trick termux into the moto e7, maybe an older version?

I need to run an IoT control Android app with network access that also insists to have permission to access local media files, or its a no-go. I don't fully trust this app and I don't want to grant it such permission. Is there a way to run it inside a container of some sort, where it will just see "empty" local storage. The phone is Pixel 5 with all the latest updates.

Some apps don't allow screenshots so how can I still take a screenshot? It is my phone and I should be able to do whatever I want with it so why is there even a feature to disallow screenshots? Android 5.0.1

I had some files/photos, etc. on the Gallery Vault app on my phone - they were saved to my SD card. My SD card has been lost/possibly stolen. I just wanted to check if someone could access these files in any way? I assume the answer is no, but just wanted to check.

If I am home, I am only using Wifi with 5G OFF. If I am out somewhere, work, etc. I use 5G with Wifi OFF. **The question: can I enable Wifi+5G always ON?** Thinking of security issues like: - if someone can break in to my phone via the internet/5G network, it can see my internal network (since Wifi is ON) - if Wifi is always enabled while I am outside home, can it be used maliciously? eg.: forcing my phone to connect to a fake wifi network?

Is it possible for third-party SDKs integrated into my Android app, to access API keys or other sensitive data from my app's code or data? How can I ensure these SDKs only access the data they absolutely need?

My relative accidentally uninstalled a critical app from my Android phone, which is very unfortunate. The use case is **"hold icon -> uninstall -> accept"**, which is ridiculously easy to do by a 2-year-old. How do I configure Android so it requires a PIN or unlock pattern before uninstalling an app?

I would like to know what one would have to do to remove DRM (Digital Restrictions/"Rights" Management) completely from an Android phone that one has root access to. So far, I have thought about removing /etc/drm, /etc/dcmrcm, and /system/bin/drmserver.

When sourcing .apk files from 3rd party sites such as [APK Mirror](https://www.apkmirror.com/) or [APK Pure](https://apkpure.com/) , is there a way to verify whether said files are tampered with, from a potential malware inclusion point of view? As an example, let's analyze [this YouTube package](https://www.apkmirror.com/apk/google-inc/youtube/youtube-18-45-43-release/youtube-18-45-43-android-apk-download/) . It lists signature(s) and claims they're verified, but what to compare the hashes _against_? How does the community generally navigate this topic?

Fonts in Android are kept in /system/font directory. There seems to be no way to install custom fonts without rooting your Android or installing some apps. - Why has Google made it almost impossible for Android users to install custom fonts? - What was the engineering decision that led fonts not getting picked up from ~/.fonts/ user directory as happens in a standard Linux Distribution? The same behaviour is seen in ChromeOS as well.

The AOSP biometic guidelines state that for class 2/3 biometrics: > Biometric acquisition, enrollment, and recognition must occur inside > the secure isolated environment to prevent data breaches and other > attacks I can see this being feasible for fingerprint-based biometrics. But I'm quite surprised that the entire process of facial-recognition on for example, a Samsung smartphone is all happening inside the TEE. That would presumably mean image capture, detection of features, preprocessing, biometric template generation has all been ported to what I'm assuming is a resource-constrained environment, yet it typically runs within a fraction of a second. I'm wondering if anyone can shed some light on this niche area and confirm whether all the processes in the pipeline occur in a TEE, or whether there is in fact a hybrid system wherein some image processing is happening outside of the TEE.

I have gone through this post Silent app installation wherein it clearly mentions it's highly impossible to self install the application without going through the whole installer proceedure.But when i read this one Remotely Installing Unwanted Apps on Devices i didn't understand how this is even possible I am aware of the android applications run in a sand box environment so one application cannot install/interfere another until and unless it has an process Id or something/referencing and also should have the user permissions to do so but with the recent silent app installation by some OEM is making me doubt about this security issue. When one app can then why can't other apps follow suit . Please avoid answers like don't use Internet at all/root the phone/stop purchasing the devices of that particular make ,company. The above link might help in some clear understanding

Unfortunately, I lost my phone yesterday, it was Samsung S24 Ultra phone. I had enabled all the safety features on the device for both Google (Find Device) and Samsung's own tracking service. However, the thief has turned the device off and it has not been switched on since, not even without network, wifi, or SIM. I had enabled the "find my device even when offline" settings; however, even this setting would require the device to be at least switched on. I am now trying to recover the Google Maps timeline using another device, but I am encountering this message: **For security, you can no longer access your encrypted data on this device. Try again using a device that you've recently used to sign in to your Google Account.** **Visit g.co/OnDeviceEncryption to learn more.** An important piece of information — I promptly changed my Google account password after the theft (I still know both the old and the new passwords). I even tried changing it back to the old password, thinking that the encryption might be tied to it, but I am still seeing the same error message. How do I get past this screen and regain access to my data? Needless to say, I am extremely upset not just because of losing an expensive device, but also because I am at risk of losing access to over two decades of my maps timeline history. Any help will be appreciated. " class="img-fluid rounded" style="max-width: 100%; height: auto; margin: 10px 0;" loading="lazy">