"Glitch" Allows A Google Search Request to Show Your Text Messages

rgMekanic

[H]ard|News
Joined
May 13, 2013
Messages
6,943
In a report from PhoneArena, a Reddit user noticed that when he accidentally typed an extra period into a google search for "the1975..com" instead of a search result, he received a page showing his text messages. The same page that appears if you asked Google to "show me my text messages." Another user noted that searching for "zela viagens" will trigger the same result.

Interesting find. Of course what this also means is Google is likely spying on your text messages as well. Fortunately PhoneArena notes in the article, that if you remove SMS permissions from the Google app, the Google can no longer spy on your texts.

Most Android devices running the latest version of the Google app are susceptible to the glitch. Those totin' an iOS device will receive the search results for the website, which is exactly what should happen to Android users as well.
 
When searching for zeal viagens, I get an error of "To improve contact recognition, Google needs to use your device contacts"

The other search result yielded normal results that were not messages.
 
Not surprising, seems like apps need more permissions all the time for unlrelated stuff.
Anecdotal but myself having used both a Pixel and an iPhone in the last year I noticed the Android versions of apps asking for more permissions than Apple versions. Such as the Fitbit app needed unrelated things so I didn’t install it.

I know they both do it and it’s not meant to be an Apple v Android comment. Just my observation while on Android was more permissions seemed to be necessary.
 
This is why I keep my installed apps to minimum, restrict permissions until an app doesn't do what I want anymore, and use Firefox for everything it can do.
 
All methods show my text messages however it seems like it's parsed on the device (I have a Pixel 2 XL.)
 
zela viagens returned my text messages on my Nexus 6. Promptly yanked SMS privs for Google app.
Not my nexus 6, but then, I installed carbonrom and the nano package for opengapps, and made sure none of the extra stuff was accidentally pulled from the playstore.
 
i tried all of them but they just come up as regular search results for me.. :(
 
One worked, Yanked permissions quickly. If I can't send messages on my watch, I'll live. I consider this a huge invasion of my privacy.
 
What's Google app and why would one use it? A serious question.
 
So apparently this is just suppose to show them on the phone, it goes and reads the SMS and displays them, A centralize information center, which was what google was doing years ago.

Btw does this mean google is the new Microsoft Bob???

So do you trust them(google) to not copy your SMS messages back to their servers?

Guess someone is going to have to packet/tower sniff this and see if google is copying the SMS messages.
 
I consider this a huge invasion of my privacy.
Android is a huge invasion of your privacy. Google needs to collect your data to make money, what better way to do so than to build a free OS and an ecosystem around in. Android, the ultimate spying machine and people voluntarily buy them. Google must be laughing their asses off.

That's why I will never own an Android.
 
Android is a huge invasion of your privacy. Google needs to collect your data to make money, what better way to do so than to build a free OS and an ecosystem around in. Android, the ultimate spying machine and people voluntarily buy them. Google must be laughing their asses off.

That's why I will never own an Android.
Yep, the assistant doesn't magically know things, it knows where you work and knows your appointment becuase its reading everything. I mean sometimes is scary. It does worry me how accesible google makes this info to 3rd parties (?). I know and can assume google knows everything, in exchange i get their services, but just wtf they are doing beyond this assumption is starting to worry me more.
 
I just get Google search results if I type any of this into the search bar
 
ITT: People finding out for the first time that the Google app can retrieve your text messages for you.
 
You can pull SMS privileges but the OS likely still has access. I wouldn't 100% assume you blinded Google from your texts.
 
Android is a huge invasion of your privacy. Google needs to collect your data to make money, what better way to do so than to build a free OS and an ecosystem around in. Android, the ultimate spying machine and people voluntarily buy them. Google must be laughing their asses off.

That's why I will never own an Android.

iOS and Apple are not any better. Just fooling yourself if you think that.
 
this 'works' on LineageOS, i did have to go get the 'google' app through a GAPPS package and go through the setup as i had never used it.

however from running through the process it seems to re-display like GUI links would. does it make it secure? doubtful, but then you are probably the type of person that thinks you have never eaten human feces even though you regularly go to restaurants.

the good thing here is that a AOSP rom could at least be source checked, and nothing MAKES you install GAPPS.
 
Android is a huge invasion of your privacy. Google needs to collect your data to make money, what better way to do so than to build a free OS and an ecosystem around in. Android, the ultimate spying machine and people voluntarily buy them. Google must be laughing their asses off.

That's why I will never own an Android.

So what phone do you use that doesn't collect your data? If you think apple/MS aren't doing the exact same thing you're seriously naive.....
 
it could also mean that on android more needed to be asked, while on iOS, more permissions were given by default.
Well in the case of Fitbit it was location data, iirc the app wouldn’t work without it enabled on Android and on Apple I have always had location disabled for Fitbit.
All the same you may be correct that more permissions are defaulted to be given on Apple.
 
location data


GAWD.. i hate that. I finally turned that off on my samsung phone when one weekend some time ago, me and the wife were out and about in a new area.. just driving around exploring some mtn lake we had never been to. Stopped at a hotel to check it out for the future. Get home and a few days later i pull up google on my PC to check more into. when i get google maps to the area and select the hotel.. i see as notice on the left about how i was just there last week.. WTF?? I then of course would start to get ADs for that place on google...

the level of info that is tracked by google is wild

I now have all tracking tuned off on the phone that i can. Disabled a TON of apps that were preinstalled i dont need.
 
I now have all tracking tuned off on the phone that i can. Disabled a TON of apps that were preinstalled i dont need.

There was an article a while back on how there was another Google 'Glitch' that didn't actually turn the location off even when you had selected it to be on android. Some (polish i think) security researchers proved it was still being collected as far back as 2013. So .. yea without a physical off switch nothing is really off. Don't worry though, this time they really turned it off ....

Btw that's what the Opensource Librem smart phone offers to solve with physical off buttons for Mic, Camera and wifi. Along with a real Linux OS that actually respects your soft OFF requests. That said, towers still get data and can triangulate but as far as networking goes the Librem will use the Matrix protocol by default.
 
In case some of you were out of the loop,The 1975 is successful current British band. They have 2 albums and the lead singers parents are also actors in the UK.

Just pointing that out in case it seemed like something out of left field.
 
Back
Top