“Secretly”
To whom?
It’s only recording screens within the app. This sounds like an analytics tools. Any webpage can do this, common usage is click tracking.
Yup. Worked briefly for a company that would “snapshot” the browser view quite often, enough where if an issue arose we could somewhat replay the user’s interactions to try and repro the issue.
Pretty much any error tracking analytic software worth it’s salt does that these days!
Man, that pendulum swing from “the uncarrier” to full blown horrible large corporation. That merger with Sprint sure has made things better for customers, right?
-
It’s also android phones. All of the shots in the article are of android phones.
-
This is likely just recording sessions of the carrier’s app, not everything on your phone. Session recording for CS and UX is pretty common these days. It can be impossible to identify a problem unless you actually see what is happening in the app.
That said, you have to ask for consent for this shit. A lot of companies don’t alert customers when they release a new tool that requires privacy consent.
This is so. At the bottom of the article it says:
To help us give customers who use T-Life a smoother experience, we are rolling out a new tool in the app that will help us quickly troubleshoot reported or detected issues. This tool records activities within the app only and does not see or access any personal information. If a customer’s T-Life app currently supports the new functionality, it can be turned off in the settings under preferences.
So yes, it can only see itself, i.e. within the T-Mobile app. It’s still dumb.
I’m not well versed enough in Android app development to answer whether or not one userspace app can even access the screen contents of another app without root or special permissions, but it wouldn’t surprise me if there are several roadblocks in that path on the part of the OS for obvious reasons.
For quality assurance reasons, we’ve defined ‘within the app’ as ‘everything on the phone while our app is running in the background’.
That’s not possible without a permission prompt (on both iOS and android). So there’s no changing the goalposts like you suggest, without the user giving explicit permission.
It’s not possible at all, no permission exists that lets an Android app record something in another app. Much to the sadness of the mobile Hearthstone community that would love collection managers and stat tracking apps like what PC and Mac have.
Yeah, it’s possible with something like Shizuku. scrcpy works via adb, so something similar could work on-device.
It’s just not a part of Android’s standard permission system.
I’m not well versed enough in Android app development to answer whether or not one userspace app can even access the screen contents of another app without root or special permissions
This requires special permissions and explicit user approval every time an app starts screen recording, plus it shows a red notification whenever screen recording is active.
I think you could get by with a one-time user approval as a device administration or assistive app permission, which you’d need to manually grant in Settings. Unlikely anyone would do that by accident.
That might be different for system-level apps. I haven’t bought a carrier-branded phone in 10+ years so I’m not sure what that’s like these days.
Last I checked, you can have a system app as an accessability provider and be enabled by default
It’s not possible on Android, which is incredibly disappointing because I play a card game exclusively on mobile, and would love to use a collection manager and stat tracking app. These exist for PC and Mac, but not for mobile because of the very hard no-record-other-apps wall.
several ways
- screen recording
- accessibility services
- ADB
You’d need something to hook into the memory or storage of the app I guess?
Lemmy bring biased again?
OP literally changed the title to include iPhone when the actual title from the link says screen recording.
The article was updated. That may have been the original title since this was first discovered on an iPhone.
Buy yeah, OP should update this headline. Especially since it probably hits a lot more Lemmy users than originally reported.
I wonder if this would include on-screen notifications.
That would be a pretty big security hole in iOS if that was allowed, but it isn’t. Notification and other UI elements are rendered on top of the underlying app, which does not have access to or cannot see the full screen’s canvas. We can see practical implementations of this “snapshot” test feature in code:
Not the tools I’ve used. A lot of them aren’t even actually recording video. They’re recording the user interactions in-app, then playing those back on a cached version of the experience that is hosted with the session recording company.
Sorry to lazy to go through articles like this, do they mention if this is just in the US or something? Or do they also do this in the EU?
Does T-Mobile operate in Europe? I thought they were a US carrier.
Sorta yes and no. T-Mobile US is its own corporate entity, but their majority shareholder is Deutsche Telekom, and they take their name from that company’s mobile service brand.
They are German as far as I am aware, but that doesnt mean they do the same crap in Europe as they do in the US hence my question
The article doesn’t specify where and they don’t say T-Mobile US. They do say that it’s the T-Life app that records the screen while using it.
-
This type of gross invasion should be illegal and land executives and developers in jail. Look at how Germany jailed VW executives and developers behind a massive emissions testing fraud incident. Enough is enough
The thing is the ceo wasnt jailed due to “hwealth problems”
I am getting so cynical I think I’m just gonna choose to reject this reality and hang onto my own and believe he’s actually serving time
Yyeeeaaahh sorry no those are rich people you’re talking about we don’t jail them around here.
The only issue here is that it was turned on by default.
It only records your use of the T-mobile app, and specifically tells you what it’s doing any why you’d use it. Off should be the default.
They’re straight up screen recording customers? That’s crazy.
The crazier thing is, T-Mobile is in USA which means they’re going to get away with it.
No, they straight up aren’t.
They aren’t what, they aren’t in USA? They do business in USA.
They aren’t going to get away with it? Yes they are, they are a large corporation in USA.
They aren’t recording the screen everywhere all the time like the shitty article implies. Literally every website and app you use does the same thing as this T-Mobile app.
Literally every website and app you use does the same thing as this T-Mobile app.
Do you have a source for this?
do you have a source for this
Literally any analytics module will do this. Basically every major website you go to will do something similar.
I build software and can confirm this.
This is pretty run-of-the-mill analytics and user session recording. There’s nothing surprising here.
Usually it’s not actual screen recording but rather user action diff recording (Which effectively acts like recording the application except that it only records things that changed so that the recording is much cheaper to store)
This is extremely effective for tracking down bugs, solving user support issues with software, or watching session recordings to figure out if users are using the software in unexpected ways.
Usually it’s not actual screen recording but rather user action diff recording
Oh it’s essentially just a heatmap (or maybe event sourcing might be a more accurate way of describing it)? That’s fine then. Nobody called it that so I didn’t know that’s what was actually being talked about.
I thought we were talking about actually recording the screen itself.
And yet it’s a subsidiary of Deutsche Telekom AG.
Well that app is getting yeeted pretty fast off mine, thank you!
*thrown, the word would be thrown. And even then, you would not throw an app off a phone. None of this makes any sense.
Weird how it made no sense, yet you understood exactly what they were saying.
Nice work yeeting that person’s argument
Y’all are rawdogging the substance of this conversation
Because I had to look it up since I don’t have brain rot. Elevate yourself instead of blaming others for your lack of education.
You are calling someone else uneducated because they know more than you? WTF
WTFGood heavens!Don’t wanna sound uneducated now do you?
Oh no the children are making new words
Don’t forget to take your ibuprofen
Alright so I connect back like two hours after my comment, somebody gets ruffled at my language and they were downvoted into oblivion in response, that’s actually pretty funny, 5/7 would do again
Threw yourself under the bus there, didn’t you? 🤣
*yeeted.
No, because I don’t have brain rot.
Cap, I think you’re a proudly ignorant luddite.
Go yell at clouds or something.
Is using “omg” taking the lord’s name in vain? You seem like the type to have an opinion on that
Prove it. Yeet your previous comment without throwing it out.
with price increases a frequent occasion in recent times
Good grief this article was padded for length. Who speaks like that? How hard is it to write “with recent price increases”?
I agree completely with what you’ve said. Your perspective is thoughtful, well-reasoned, and aligns with my own understanding. It’s refreshing to see such clarity, and I support your view without hesitation. You’ve made an excellent and persuasive point overall.
No dialogue is ever static; every conversation offers an opportunity to reassess and refine one’s viewpoints in light of new insights. In coming to genuine agreements, we learn not only about others but also about ourselves, gaining awareness of how our internal values align with the broader spectrum of social beliefs.
Agreed
this
This
first
deleted by creator
Most likely written by AI
Most likely written by AI
Are comments like this most likely written by AI? Am I AI?
Obligatory em dash—done!
AI. Probably.
Ok that app is deleted.
Another reason to only buy unlocked, non-carrier subsidized phones with AOSP installed if possible
If it was in the EULA, it wasnt a secret. Our ignorance of t&c’s doesnt excuse us.
We should all be advocating for limited T&C’s on just about everything, or atleast be concious of our own agreements.
Tons of corporate software out there will record user sessions in order to debug issues and replay a user’s interactions so an engineer can review it. Take a look at tools like Hotjar, Logrocket, and Fullstory.
Not making excuses for them and it’s probably less insidious than this makes it out to be, but people should be aware that this is not uncommon at all.
I suspect these recording tools cause perf issues on low end hardware.
Depends on the tool. A lot of them are only logging interactions. They then “play” those interactions over a cached version of the experience to show you a “recording.”
