this post was submitted on 19 Feb 2025
145 points (99.3% liked)

Open Source

34453 readers
183 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
all 38 comments
sorted by: hot top controversial new old
[โ€“] [email protected] 36 points 3 weeks ago* (last edited 3 weeks ago) (2 children)

For the out of the loop, but also lazy:

Android app that reveals installed apps which may be leaking your location data.

[โ€“] [email protected] 15 points 3 weeks ago

"Leak"

Bro the data is being stolen for fucking criminals. Call this crime what is.

You got threat actors using contract law in bad faith to exploit stupid, poorly educated peasants

But hey good thing they got nothing to hide ๐Ÿคก

[โ€“] [email protected] 13 points 3 weeks ago

Additional info for the lazy: the name of the company is "Gravy Analytics", hence the name "Gravy Scanner" for this app. It's a large data broker, and they don't bother with pesky little details like "informed consent".

Anyway, they got hacked a month ago, and the hackers threatened to publicly release all the data.

https://slrpnk.net/post/17048112

[โ€“] [email protected] 20 points 3 weeks ago (1 children)

Developer here. I hacked this app together after reading the story and didn't touch it since, hence why it's not very polished.

I've just released 0.2 which makes it clearer when no affected apps are installed.

[โ€“] [email protected] 2 points 2 weeks ago

Good luck and thanks

[โ€“] [email protected] 16 points 3 weeks ago (2 children)

Outlook being on that list is crazy.

[โ€“] [email protected] 5 points 3 weeks ago

Office 365 too

[โ€“] [email protected] 2 points 2 weeks ago

All kind of sh*t must be expected from closed source apps tbh

[โ€“] [email protected] 10 points 3 weeks ago* (last edited 3 weeks ago) (6 children)

I get a blank screen. Broken or does that mean I have none? On GrapheneOS

[โ€“] [email protected] 8 points 3 weeks ago (1 children)

Most likely, that means you're clean. On mine, the output is just a white screen with a list of the affected apps... Clicking on one of them takes me to that app's settings.

It does that one thing, with no explanations or instructions, so it wouldn't surprise me to learn that it doesn't show a message to indicate that nothing was found.

[โ€“] [email protected] 1 points 2 weeks ago

Yup, Dev replied in another comment and updated it.

[โ€“] [email protected] 6 points 3 weeks ago

Yay for team blank screen... I think?

[โ€“] [email protected] 5 points 3 weeks ago (1 children)
[โ€“] [email protected] 2 points 3 weeks ago (1 children)

I guess one could install an impacted app to test.

[โ€“] [email protected] 2 points 2 weeks ago (2 children)
[โ€“] [email protected] 2 points 2 weeks ago (1 children)

I did. The app works.

If you have an impacted app installed, it'll flag it.

If you don't, the screen is blank (white for me).

App could use a "if/else" type statement, where if none are found it'll say "None found".

[โ€“] [email protected] 1 points 2 weeks ago* (last edited 2 weeks ago)

I thought the same too, but iirc the developer said he released an update that contains this

[โ€“] [email protected] 4 points 3 weeks ago

We're team "fuck no!". Welcome to paradise.

[โ€“] [email protected] 2 points 3 weeks ago

Same question, on vanilla android.

[โ€“] [email protected] 2 points 3 weeks ago

I think it means you're clean. I use GOS, it gave me one entry (Viber)

[โ€“] [email protected] 8 points 3 weeks ago (1 children)

I've got several hits, but none of them have permission to request my location. If I understand the README correctly, that should mean I'm safe, right?

[โ€“] [email protected] 1 points 3 weeks ago (1 children)

Location could also imply IP address-based location, and not necessarily GPS.

[โ€“] [email protected] 8 points 3 weeks ago (1 children)

True, but at that point, every website I'll ever visit and have visited in the past might be a threat, so that doesn't really matter too much to me.

[โ€“] [email protected] 2 points 3 weeks ago

every website Iโ€™ll ever visit and have visited in the past might be a threat

In that sense, you are right. However, there are ways to cloak your IP address and location.

Privacy is a massive rabbit hole depending on what threat you are trying to protect yourself from. Sometimes, the effort (and the stuff that breaks along the way) isn't worth it.

If location implies an area extending 300ย km in either direction, does it really matter? To most people, not really.

[โ€“] [email protected] 7 points 3 weeks ago (1 children)

Ugh flightradar24 is a hit. Really??

[โ€“] [email protected] 1 points 3 weeks ago

I don't need this app to know flightradar is a risk.

[โ€“] [email protected] 6 points 3 weeks ago

Most British app ever made

[โ€“] [email protected] 6 points 3 weeks ago (1 children)

I was surprised to see SoundCloud on the list, now I have to recreate my music list in newpipe ๐Ÿ˜

[โ€“] [email protected] 5 points 3 weeks ago* (last edited 3 weeks ago)

Or go back to the good old days and download/rip what you like to .mp3, .ogg, or .flac depending on your peference.

I have several thousand songs on my phone that I can listen to without the need for an internet connection, subscription fees, accounts, or anything.

There are tons of good FOSS local music player apps out there that you should check out. I use Auxio from the F-Droid store but have used others in the past.

On desktop, I use Elisa.

You can make sure your library is always up to date with your desktop by using syncthing.

[โ€“] [email protected] 5 points 3 weeks ago (1 children)

Thanks! I uninstalled everything it listed. Pluto.tv, outlook, and Sonic.

[โ€“] [email protected] 4 points 3 weeks ago
[โ€“] [email protected] 5 points 3 weeks ago

Vampire survivors? Damn

[โ€“] [email protected] 2 points 2 weeks ago* (last edited 2 weeks ago)

Oh great, the Belgian good alternative for piece of shit Facebook marketplace is on there... 2dehands.

We can never have nice things...

Also Good Pizza Great Pizza ๐Ÿ˜ข

This is actually a really handy app!