Facebook install a rootkit on many Androids which had the ability to send all of you debug-level system logging to Facebook. Even if you never installed their shit. That data can be used to track everything you do on your phone.
We found this out (I was the first to recreate / prove it) when testing the COVID contact tracing apps in NL, at the time Google were logging the seeds to the main system log. That allowed anyone with access to said logs to build a real-time map of ever Android user in the world who had the GAEN framework installed.
EDIT:
Here's the press release in English covering the app shutdown:
Here proof that we shut the app down whilst the issue was being fixed, in English. There are more details in Dutch including the letters to Parliament we had to make covering the details. If you're Dutch use Google.
Is this still in place? I’ve skimmed the paper: is the assertion that major hardware vendors are shipping Android devices with pre installed (sometimes non public) libraries (from Meta for example), which have wide data access permissions including potentially the ability to decrypt sensitive wire/rest data (via certs)? And they are still doing this???
We found this out (I was the first to recreate / prove it) when testing the COVID contact tracing apps in NL, at the time Google were logging the seeds to the main system log. That allowed anyone with access to said logs to build a real-time map of ever Android user in the world who had the GAEN framework installed.
EDIT:
Here's the press release in English covering the app shutdown:
https://nltimes.nl/2021/04/29/coronamelder-app-taken-offline...
Here's a paper detailing Facebook's access infecting systems with no Facebook installed:
https://arxiv.org/pdf/1905.02713