Not sure if this is the correct place to post, but I just wanna kinda rant a bit.
I’m not the only one that hates this, right?
An app can just do a “This App Does Not Allow Screenshots”? Like… wtf?
Like, its my phone, and some app can just decide to disable a fuction of my phone. It’s my phone and if I wanna take a screenshot, I’m taking a screenshot. I don’t care about whatever “security” the app developer wants.
Imagine if every online shopping app whether fast food or amazon, just used this to block you from taking a screenshot so you can’t save the records in case of a dispute.
Which android developer thought it was a good idea to let an app disable a function on your phone. Even iPhone doesn’t have this stupid concept.
Sorry for the rant.
Anyone wanna share your stories?
(P.S. I have a cheap secondary phone to take photos of the screen. “This App Does Not Allow Screenshots” my ass lmao, I’m taking the screenshot whether the app wants it or not.
The point of many of android’s “protection” features isn’t to protect the user from apps, but to protect apps from the user. I hate it.
In this case, I think it’s protecting apps from other apps. No secret screen recording going on while you’re looking at bank statements, etc. I find that annoying, too, but I’m less annoyed by the reasoning in this case.
Now if Google could explain why toggling wifi through Tasker requires root, I would LOVE to hear the reasoning…
Or changing or just adding a system font.
Or setting a charge capacity limit.
Or adding separate quick access tikes for wifi and cellular.
The first two don’t bug me but dam, give me my 6 buttons back!! I hate these fat notification tray icons. And yes, fuck Google for making it take MORE clicks to toggle wifi/cellular than before.
Unless they changed something in Android 15, which I haven’t been able to try yet, I don’t think the separate WiFi / Mobile Data tiles were ever removed. At least they still exist on LineageOS 21 (Android 14), just hidden in the tile editor. You might want to check if you still have them there.
I just have “Internet”
That’s probably your mobile connection? Are you translating or does an English android say “Internet”?
What’s the symbol?
There’s also an option you can turn on that allows you pulling the menu down from the right side of the top of the screen, and you get the whole menu. I tried linking but for some reason I haven’t been able to upload images with my new phones for some reason. And then pulling down from the left side will just bring down the normal menu.
You can also reorganise the tiles so you have your most used in the quick bar.
It literally says “Internet” and is for both wifi and cellular data. You click it and the popup shows toggles for both along with available wifi networks and while I have organized the tiles so Internet is the first option, there is no option to separate the two. Airplane Mode is a separate tile
Pixel 7 Pro with Android 15
In this case, I think it’s protecting apps from other apps. No secret screen recording going on while you’re looking at bank statements, etc.
I think with all the engineers at Google developing Android they could come up with a solution of how to discern whether the act of screenshot was triggered solely by the user, or an app on the phone. They are the ones in power of all the APIs that allow other apps to capture the screen content in the first place. Maybe I am simplifying it too much, but this seems as a bad excuse to me.
Maybe it would be too hard of a solution since there’s so many ways third party apps could capture screen content (including for example the Android accessibility service which also allows apps to read content of the screen and even simulate screen touches and gestures which many automation apps make use of) that blocking the screenshot alltogether is by far the most feasible solution.
There is already a solution:
Third-party apps, unless a user specifically go to settings and find that option, don’t have the permission known as “Draw Over Top” that’s required to do screen recordings/screenshots.
So by default, a user is already safe from a malicious app trying to steal info. (That is, unless they just be an idiot and give the app “Draw Over Top” permission)
the permission known as “Draw Over Top” that’s required to do screen recordings/screenshots.
That’s not exactly intuitive. I had no idea that permission would allow an app to take screenshots. The warnings given on the permission screen mention other risks, but not that one.
Some password managers want draw over top.
Bitwarden required it, iirc
Well you are gonna be trusting the password manager anyways, since its literally storing all your passwords. If you trust Bitwarden to store all your passwords, then you can trust it to not abuse the “Draw Over Top” permission.
I just looked at my bitwarden permissions and that’s not listed there…
For me and my family, I think the best solution would be to leave it as-is but with a way to lift the restrictions for power users that doesn’t involve root access. Something akin to enabling developer mode without having to buy a specific rootable phone
They changed it the other day where airplane mode doesn’t require root. That one’s nice for me.
Never mind that shortcuts on iOS has been able to do that simple task from its inception.
When did airplane mode ever require root?
He means just for “tasker”. Not for manually selecting airplane mode.
Up until Android 14 I think. Android 13 for sure does not support it.
Unless an ADB trick counts https://tasker.joaoapps.com/userguide/en/help/ah_secure_setting_grant.html
You used to be able to do everything I wanted through tasker without root but Google has been stripping away functionality for years
Third-party apps, unless a user specifically go to settings and find that option, don’t have the permission known as “Draw Over Top” that’s required to do screen recordings/screenshots.
Fair enough, though experience with my unsavvy family makes me think a lot of people will do whatever an app tells them to do
Ok but why is my browser doing this in incognito mode? Incognito mode isn’t a banking app. It’s me not wanting my browser to save my Facebook login info or history.
The target use case for incognito mode is to prevent the device from saving your activity during the browsing session through things like cookies and history. To that end, incognito also blocks it to prevent other apps from saving your activity through screen recordings or screenshots.
Now if Google could explain why toggling wifi through Tasker requires root, I would LOVE to hear the reasoning…
tbf all hardware-functions require root permission by default.
Linux does the same thing. If you want to access /dev/sda, it requires root.
I could guess one of the ways it could interfere with security is that it would probably also allow the app to disable WiFi. If the app does that, it could incur costs as now data is being transmitted over mobile connectivity. Also, it would maybe allow the app to find your mobile-IP address, which could be used to geotrack you. But i don’t know, i’m just talking out of my ass here.
But it didn’t used to. Every phone I had before the S22 could do it
interesting
“Protections” are fine, as long as there’s an override for it.
User doesn’t like potential malware from “sideloading”? Then don’t enable “Install from Unknown Sources”.
Same thing with everything else, there should be an override switch.
yeah just like with mounting EFI vars on linux…
it should be possible because “root can do anything, really”, but also, it’s dangerous and should be disabled by default.
Being able to block screenshots is “supposed” to protect users from having malware take screenshots of banking apps and other such information.
If app developers were good, this could have been a good feature.
But I agree with OP. It still should be the user’s choice.
My Banking App does have the option to disable this feature.
It’s all fine if it’s a user choice, very annoying if it’s not.
I fuckin hate that Playstation 4 and 5 do this for taking screenshots from movies. I just want to get a good screen grab for meme purposes! Do you think I’m going to screen shot every goddamn frame of a movie, one at a time, paste those back together as a video, then somehow rip the audio too, and then share this necromantically-assembled abomination with all my pirate buddies? Fuck you!
Now that is really stupid, especially given how easy it is to just fire up the movie on your PC and take a screenshot from there.
Netflix does this on windows too
I was able to use snipping tool to take screenshots when I had Netflix, but I also used it through my browser.
Surely it blocks snipping tools new recording feature on windows 11 though right?
I wouldn’t doubt it, but I’ve never used Windows 11 and never will >.>
Udemy blocks this so netflix must. I try to screen shot sometimes for educational purposes and it always ends up as a blank screen.
And that’s why you should refuse to pay a penny and just pirate everything by default. If you feel like supporting the creators, donate to their union strike fund.
god bless Digital Restrictions Management
I work for a company that builds an app /sdk that handles credit cards / payments. It’s one of the (many) requirements for getting an industry standard certification (like PCIDSS / MPOC). The app Must block screenshots, and Must disable the camera while using it…
What on earth are those in charge of certification standards thinking they’ll achieve with requirements like this?
It’s probably to stop third party apps from screenshoting the banking app.
Why is this only a problem on mobile? Why doesn’t desktop have similar requirements?
tbh the security settings on desktop devices tend to be more lax in general; for example almost any desktop pc has an open bootloader, means you can sideload an operating system from usb. The consequence is that no password-at-login will protect your private data; only full disk encryption can.
Smartphones on the other hand often have a fully-locked bootloader, which means it’s totally non-trivial to install an alternative operating system. especially, it often contains wiping any data on the smartphone, so an attacker with access to the device can’t simply install their own OS and read the internal storage.
I don’t know.
The same functionality that you use to take screenshots can be hijacked by bad actors to get access to your stuff. It’s especially bad if they can see your MFA apps or other sensitive info.
Not saying the functionality is always used for the best of intentions, but there are many situations where I see it as necessary.
Accidentally screenshotting your bank acct and routing number is the only one I can really think of.
Or your “time clock earth sounds” app from the not so well policed appstore takes silent background screenshots, grayscales them and sends them to their host for OCR.
I agree this permission is annoying. But I differ in I feel it should be system controlled and can be invoked by apps that identify specific fields to be blocked, instead ofnjusy disabling it outright.
Not sure how this is relevant, these numbers are routinely shared with clients and suppliers.
Why did you capitalize “must”?
Probably a nod to the written style of RFC definitions, which have the word entirely in capital letters, as in… the implementation MUST do such and such, and SHOULD do this other thing. In this case, the relevant security standard(s)
We have italics and bold characters for that.
RFCs were being written back when line printers couldn’t do either.
I misread your comment and thought you said “RFK”. I have no idea what an “RFC” is. Some sort of teletype thing?
RFCs are Requests For Comment, published technical documents describing proposed standards.
That’s nothing. My workplace disabled copy/paste on everyone’s work iPhones completely. Not in their own apps but system wide. Apparently that’s something ios allows them to do. Doesn’t affect me much because I use the phone as a glorified dual auth token but some people have it as their primary phone.
work iPhones
some people have it as their primary phone.
Bruh, I have no idea how people can put up with their employer being able control their device. Like… the employer can freak out about some perceived “security breach” and decide to wipe everyone’s phone and you lose all your data like photos. Also, their employer can see if they are shit talking about the employer or mangement people, and it’s a terrible idea if they want to unionize.
As an IT guy that manages MDMs, no we cannot see communications on the device
As another guy that does, yeah we can push ediscovery apps to the phone and pull all kinds of data
Something I’ve been dying to ask an industry expert. If your users setup a second user profile on android , and exclusively uses the second profile for work-related apps (assume full control), can you see the contents of the first (unrelated) user profile?
They are okay with it because it isn’t their phone. It’s a free phone that comes with the job.
“Free”
hmm I rather not… like its not just “privacy” you’d have to worry about, there can be potentially a rogue employee of the company just stealing all your bank info and possibly steal your identity. Might be a “free” phone, but there’s just much more risks than just getting a cheap android phone. People don’t think this though and only think about the “free”. Dealing with identity theft is not fun. If only people understand the risks… 🤦♂️
Don’t put personal stuff on your work phone. Use your own phone for that. If you have trouble carrying both, hit the gym.
Yea exactly. I would just carry 2 phones, but I’m just saying: I don’t understand how other people just use their work phone for personal use simply because it’s “free”
Yes it’s just a terrible idea. People do all sorts of dumb things though.
Obviously they are less concerned about things you are quite concerned about. I’m sure there are things that concern them and that you don’t give a shit about.
My work phone battery lasts for like 5-6 days because I only have Slack, MFA app, and outlook on it. It’s crazy to use it for personal use
I have never heard of copying and pasting being disabled in iOS. I’m sorry, but this claim is dubious.
I like that it’s possible, but I think it should be treated like a permission with a user accessible toggle in settings for each app.
I would like to see the same thing for clipboard read access. In the same way app has to prompt you for location permission it would have to prompt you to read the clipboard and you would actually have the option to allow it all the time which is handy for some apps like clipboard manager, or don’t allow it alltogether which is handy for some random apps you don’t trust.
It’s a really good feature imo and I’d love to see it be more common. This is how iOS does it:
It could be nice, but also annoying in some cases. I would at least want to have an option to allow all the time.
and preferably an option of “ask everytime as yes no”
Oh yea, something needs to be done about the clipboard. It’s unsettling to know that a random app can just get your clipboard. Sometimes bitwarden doesn’t detect a password field for some reason so I have to copy it to the clipboard 😖 don’t feel safe…
You can install Shizuku and AppOps to set default permissions for new apps and limit clipboard permission for installed apps.
I’m assuming those require root?
I’m not really into rooting. More attack vectors. I have rooted in the past and managed to brick some phones, not really in the moods to destroying stuff.
It uses wireless or local ADB. No root required.
I believe Bitwarden has a setting to “wipe” the clipboard after some time.
Not perfect, but better
Does it have a virtual keyboard?
Not as far as I know.
Aaaah! I’m so frustrated by this BS. Its MY phone. It should be MY choice.
Switching to GrapheneOS soon, and if the bank app(s) don’t work, too bad. I’ll use a (Linux) computer.
GOS does allow taking screenshots, but they come out to be an empty black image.
Ah, same with E/OS, I’m just seeing now. Never thought to test that!
GOS allows that to be bypassed?
Well fuck me, I wanna use Samsung Tags to track my cat, so can’t really get a Pixel to use GOS.
I believe you just need the smartThings app to track the tags, which is available to all Android devices. You could use GrapheneOS on a pixel and still use your trackers if you want.
I recently bought Samsung tags to track my cat, too. The app is available on Pixel but it doesn’t allow me to pair with the tag, so no, it’s a bit more complicated
Um no, it doesn’t work like that. Its not just an “app”, the app is just the interface, it require some deeper code that runs in the background to make the network work. Everyone who participates in the network needs their phone to be constantly scanning for other tags, and ig it were just the app, it would get easily killed by the OS, so they made it part of samsung’s OneUI, and require OneUI
Also: The second reason it quire Samsung Phone is, I speculate, that its also to incentive people buying Samsung Phone over other brands, which in this case, they succeeded. Having access to such a huge network is very powerful, tile doesn’t have such a large network like Samsung or Apple, and since I dislike iOS, my only other option is Samsung, or I’d have to pay a monthly subscription for a cat tracker which would be terrible and very heavy for my cat to wear (and also you need to charge those batteries every 2 weeks, unlike a bluetooth tag that can last months). Samsung is very clever at getting more phone sales.
Google has find my device tags as well just FYI that utilize all modern android devices, so probably a larger network than Samsung’s but smaller than apples
I read about it and sounds cool, but inferior to Samsung’s smart tags (or Apple’s airtags, for that matter).
If you didn’t know already, let me explain:
Smart tags that are powered by Google’s Find My network doesn’t work as well because Google’s Find My Network settings default to a setting that requires Multiple devices to scan the tag before the server reveals the tag’s location to you.
Sure you might say its for “privacy” and I understand Google is trying to be very noble here. But when my cat goes missing (god-forbid, hopefully never happens) I don’t need this fake “nobelness” and “privacy-concious” mindset, I need for my tags to work and for me to find my cat. Google be selling all your info then suddenly wanna pretend like they’re some saint when it comes to these tags, bruh the location of the tag is already reported to Google servers, they’re just hiding it from your view until they decide enough devices has scanned it. Wtf Google, what’ the point of that?
Both Samsung and Apple tags show the location after one device scanning it and reporting the location, Google’s however, requires Multiple. Yea just find some youtube video comparison and you see the difference. Google’s shit is junk.
Also on top of the issue mentioned above the Samsung Tags have been out for years, Google’s have only been recently releases, and is buggy and essentially in beta-testing.
Good info to have, thanks
Removed by mod
My cat is an indoor cat. Please stop making assumptions. Indoor cats can still escape. Its in case the cat gets out.
I didn’t assume you had an outdoor cat I provided information in case you did.
How about you stop making assumptions?
I just switched to GraoheneOS and love it! All my financial apps worked out of the box.
Wanna know what’s even more fucked up? Few years back, I had exactly this problem. Searched the internet for a solution. Guess what?
Enable Google Voice Assistant and say “Ok Google. Take a screenshot.” Google magically has the rights to make a screenshot on the App that doesn’t let you, the user, take the screenshot.
Next phone I get is gonna be something with a alternate OS, no Android or iOS.
Good luck with finding an alternative. I tried running a Pinephone Pro with Linux and it was just too buggy to use.
If your current phone lasts 4 more years it might be ok software wise but good god is it bad now.
Don’t a lot of people use GrapheneOS?
People do but it’s Android. They asked for a non iOS non Android system.
Yes, I use GrapheneOS myself, but just know that it doesn’t make any changes to AOSP other than privacy and security enhancements. Apps can still prevent you from taking screenshots on GrapheneOS.
it’s for pixel phones only.
I realistically only need to have mobile data, run Signal, Discord, possibly WhatsApp, and have a working browser… Hm. I hope that works.
If you are ok with a 4-5 hour battery life then this should work. They all have Linux clients. The problem is that there is no notification infrastructure. The phone just runs like a desktop the whole time. If you sleep the phone you don’t get alerts.
That OS won’t have those banking apps in the first place, so what’s the difference to just not installing them on Android?
android allows programs to prevent screenshots, which is defective by design https://www.defectivebydesign.org/
Cool website!
This is a hot tip, thank you! Just confirmed in my banking app, no overlay or notification but the screenshot appeared in my photos
So, the very thing the block claims to block, is completely allowed lol genius
Google is working on replacing Assistant with their Gemini AI crap - would not be surprised if it no longer works there.
Like, its my phone, and some app can just decide to disable a fuction of my phone.
Is it your phone though?
🙃
It should be, but the reality is that is isn’t.
Yes, and we should not give app developers a free pass because “everybody is doing it”.
Your physical phone hardware belongs to you.
The Android operating system is licensed for your use as Free and Open Source Software.
All the other Google bits and blobs are licensed to you by Google.
Some days I’m not even sure if I own the shoes on my feet or if they’re just licensed to me.
deleted by creator
I hate this “feature” of the Dexcom GCM app. They seem to believe that HIPPA law prevents me from sharing my glucose readings with anyone I choose to.
To send readings to people, I can’t screenshot the app but I can screenshot the notification which contains the same info 🤷🏼
Yep, same with the-shitty ass Kaiser Permanente app, which itself is just a webview wrapper around the crappy kp.org website. I cannot screenshot my test results, or any other screen within the app, but I can go to the same-ass page in my browser and take my screenshot from the website.
Just move to xdrip+, its better in every way than that steaming pile of garbage dexcom puts out. If your endo DEMANDS you use clarity and refuses ti use tidepool, you can generate a version of the dexcom app that outputs locally, and xdrip+ functions normally, and you can relegate the dexcom app to being opened every 3 months.
I love all the work people have put into the open source tools for this, because the first party apps are all garbage for “Fda approval reasons”
I’ve used a patched version of Dexcom before to get around the os version check and screenshot block but I never actually used xdrip+. Why do you like it so much and where do I get more info?
Man, my banking app recently switched to a different keyboard. One that doesn’t allow integrations like bitwarden. I also cannot copy paste my password into the password field so I have to enter my 32 character password by hand.
Mind you, this is not an app that does ANY banking in the first place it is just to authorize access to my bank account or for transactions.
So it is always a few minutes copying the password, making sure I haven’t miss-typed on the shitty keyboard or because of my sausage fingers and then being logged out of my bank account in the browser because it took so much time copying that password.
This type of dumbass design is the reason we have passwords like password12345.
iPhone absolutely has this concept
Interesting, I never seen an app in iOS that can block screenshots.
You can hit “take screenshot” but it results in a black frame iirc. Same for screen record.
I know Netflix has/had this if you video recorded. I thought I found a great way to download shows/movies until it was just a black screen.
Ticketmaster.
I remember one (snapchat maybe?) that couldn’t block it so it just alerted the other person you took the screenshot. Maybe it’s changed in a decade.
You can’t screen shot in streaming apps like Netflix and Disney. When you do the resulting image is just a black screen
I find this shit hilarious.
Who the fuck is pirating a damn thing by screen shotting their phone? Can I smash the buttons 30 times a second in order to be able to reproduce the movie? No, absolutely not.
In reality, people will be taking a screen shot in order to share something, giving free publicity to Netflix. So what actually happens is that I torrent the thing I want to make a gif of, or share a frame from, thereby leaving an incentive for the people who provide the torrents to keep on keeping on.
I agree that it’s infuriating! I downloaded an LSPosed module called CaptureSposed that overrides it.
It shouldn’t take a specific module hack on a rooted phone with a custom OS with an unlocked bootloader to get this functionality back.
I hate the whole bloody smartphone ecosystem for shit like this. Microsoft Palladium was widely seen as a nightmare scenario when it proposed ceding a bunch of user control to the OS and app developers a couple decades ago, even by the mainstream press. It seems Apple and Google used it as a roadmap, likely because people don’t know how to use computers, and that doesn’t seem to be improving.
The part of the modern mobile OS security model that does have merit is that apps aren’t trusted. The PC model, even in multiuser operating systems with fancy permissions was that apps are user agents which are always doing something the user asked for, and therefore trusted as much as the user. The glut of spyware for Windows in the early 2000s proved that false.
The fact that somebody else doesn’t know how to use a computer shouldn’t force me to cede control over mine to participate in the modern world. Root is a bit of an escape hatch, but it’s a blunt instrument on Android, and Google tries to help app developers stop me from using that as well. I’m starting to feel like Richard Stallman was right about everything and I should go be a digital hermit, only running software I compiled from source.
Wow that blog post is from 2013? I wouldn’t have guessed if not for the references to 3G.
I just read it myself, as a “mature age” student at University in 2024 I have often sarcastically asked some of the 18-21 cohort in the class if they need the old person to show them how to use a computer when they don’t even know that a “program” for a PC/Mac is just another word for “app” even the teachers look shocked when you hear most of the class nod in agreement about not knowing what software actually is and that it can be installed without an “App Store”.
I think the thing is most people just see computers and tech as just another appliance the same as a microwave and to know anything more than “turning it on and off again” is just seen as far too nerdy or a waste of time when they can get on the internet and read their influencers on social media or just watch YouTubers instead….
But they are the first to complain when “the internet doesn’t work!!”
That blog could have been written today!!
Ironically, Google’s new creepy Circle to Search feature gets to override the screenshot denial lockout that Google themselves created.
Doesn’t appear to work in my case. I can a blank screen like I would when trying to screenshot.
Of course. When you run a monopoly, you get to make your own rules.
EU should force Google to open Android back up.
Soooo… Any Magisk module that allows one to bypass this?
There’s is an LSPosed module called Disable-FLAG_SECURE that does this