Status Update
Comments
do...@gmail.com <do...@gmail.com> #2
Information redacted by Android Beta Feedback.
vi...@google.com <vi...@google.com>
ba...@google.com <ba...@google.com>
ba...@google.com <ba...@google.com> #3
Thank you for reporting this issue. We have shared this with our product and engineering team and will update this issue with more information as it becomes available.
ka...@gmail.com <ka...@gmail.com> #4
And it's really annoying 😭
Android 15 beta
Kernel
5.10.214-android13-4-00002-g4c868a6e89f5-ab12097184
#1 Tue Jul 16 15:34:35 UTC 2024
ge...@gmail.com <ge...@gmail.com> #5
mi...@gmail.com <mi...@gmail.com> #6
bi...@gmail.com <bi...@gmail.com> #7
km...@gmail.com <km...@gmail.com> #8
he...@gmail.com <he...@gmail.com> #9
Implementation Approach:
Now Google uses a hardcoded string replacement strategy. Consequently, notifications in third-party apps display messages like "Sensitive notification content hidden" will mislead users. Many users mistakenly assume the notification content modification is by third-party services, not the system.
Impact on Tools and Devices:
This change disrupts functionalities across devices and tools like wearables, notification history apps, and OTP extraction tools. Such a significant change wasn’t mentioned in the Android 15 behavior updates.
Incorrect Content Identification:
Users' feedback indicates that marketing notifications from apps like Gaode Maps, Douyin(Tiktok), Weibo, and even Xiaomi Store are incorrectly classified as sensitive.
Here is a screenshot of my app which shared by an user.
ma...@gmail.com <ma...@gmail.com> #10
st...@gmail.com <st...@gmail.com> #11
ab...@gmail.com <ab...@gmail.com> #12
st...@gmail.com <st...@gmail.com> #13
Very frustrating.
he...@gmail.com <he...@gmail.com> #14
Pixel 7, Android 15, GTR4
he...@gmail.com <he...@gmail.com> #15
“Protecting One-time Passwords from Malware: With the exception of a few types of apps, such as wearable companion apps, one-time passwords are now hidden from notifications, closing a common attack vector for fraud and spyware.”
I understand and support Google's efforts to enhance security by protecting one-time passwords from malware, as outlined in the recent announcement. However, there are some ways this feature might be improved:
- Enhance OTP Notification Detection:
The current method for identifying OTPs is not very accurate. As illustrated, many apps that contain 4-6 digit numbers are mistakenly classified as OTP notifications, including marketing emails, chat messages, and alarms.
- Modify Content Replacement Approach:
Instead of replacing the entire notification content with "Sensitive notification content hidden," consider masking only the actual codes and verification links with asterisks (***). This would allow most existing apps to function as intended and reduce user confusion.
I understand that making changes to an already released feature can be challenging within a large organization. However, please consider the perspectives of both users and developers.
he...@gmail.com <he...@gmail.com> #16
"Your verification code is 23456. Please enter the app within 10 minutes" => "Your verification code is *****. Please enter the app within 10 minutes"
"Tap link
That would strike a better balance between security and core functionality, maintaining compatibility that is acceptable for most users without adding significant workload.
ma...@gmail.com <ma...@gmail.com> #17
Allow me to turn this stuff off. I know what I'm doing. You can't simply force "security" features on people. Especially when there are legitimate use cases such as mine.
or...@gmail.com <or...@gmail.com> #18
he...@gmail.com <he...@gmail.com> #19
to...@gmail.com <to...@gmail.com> #20
pa...@gmail.com <pa...@gmail.com> #21
lm...@gmail.com <lm...@gmail.com> #22
ge...@gmail.com <ge...@gmail.com> #23
js...@gmail.com <js...@gmail.com> #24
js...@gmail.com <js...@gmail.com> #25
de...@gmail.com <de...@gmail.com> #26
al...@gmail.com <al...@gmail.com> #27
ma...@gmail.com <ma...@gmail.com> #28
ti...@gmail.com <ti...@gmail.com> #29
le...@gmail.com <le...@gmail.com> #30
vi...@gmail.com <vi...@gmail.com> #31
is...@gmail.com <is...@gmail.com> #32
he...@gmail.com <he...@gmail.com> #33
According the
adb shell appops set com.catchingnow.np RECEIVE_SENSITIVE_NOTIFICATIONS allow
Then restart the notification listener service. com.catchingnow.np
is my app FilterBox' package name. Change to your app if needed.
jk...@gmail.com <jk...@gmail.com> #34
bi...@gmail.com <bi...@gmail.com> #35
8a with Mi Band 7. Though I do agree with
solution for the general public.
On Fri, Oct 18, 2024 at 2:41 PM <buganizer-system@google.com> wrote:
ke...@gmail.com <ke...@gmail.com> #36
ke...@gmail.com <ke...@gmail.com> #37
si...@gmail.com <si...@gmail.com> #38
lm...@gmail.com <lm...@gmail.com> #39
If you do not want to execute adb command in the terminal, you can simply turn off the "enhanced notification" in the notification settings.
ab...@gmail.com <ab...@gmail.com> #40
at...@gmail.com <at...@gmail.com> #41
an...@gmail.com <an...@gmail.com> #42
yo...@gmail.com <yo...@gmail.com> #43
gu...@gmail.com <gu...@gmail.com> #44
ge...@gmail.com <ge...@gmail.com> #45
he...@korzinki.net <he...@korzinki.net> #46
ma...@gmail.com <ma...@gmail.com> #47
be...@gmail.com <be...@gmail.com> #48
bf...@gmail.com <bf...@gmail.com> #49
mi...@gmail.com <mi...@gmail.com> #50
si...@gmail.com <si...@gmail.com> #51
dj...@googlemail.com <dj...@googlemail.com> #52
rl...@arizona.edu <rl...@arizona.edu> #53 Restricted+
jz...@gmail.com <jz...@gmail.com> #54
gr...@gmail.com <gr...@gmail.com> #55
bi...@gmail.com <bi...@gmail.com> #56
vv...@gmail.com <vv...@gmail.com> #57
I was hit by this very frustrating problem as well, but was able to solve it by taking these steps (taken from this
- Uninstall the Garmin Connect App
- Forget the device on the phone in the Bluetooth settings
- Restart the phone
- Restart the Garmin/Android watch
- Install the Garmin Connect App
- Pair the phone with the watch and complete the set-up
I then tested getting a OTP from my bank and the notification displays properly on my watch again. My uninformed guess is that this process somehow "resets" the permissions granted to the watch in a different way, so it is possible that just unsetting all permissions and resetting them could also work?
be...@gmail.com <be...@gmail.com> #58
de...@gmail.com <de...@gmail.com> #59
mi...@bitrock.it <mi...@bitrock.it> #61
jk...@gmail.com <jk...@gmail.com> #62
In short - THIS HAS not BEEN FIXED.
ba...@gmail.com <ba...@gmail.com> #63
ka...@gmail.com <ka...@gmail.com> #64
de...@yarof.com <de...@yarof.com> #65
co...@gmail.com <co...@gmail.com> #66
tp...@webthat.com <tp...@webthat.com> #67
ti...@gmail.com <ti...@gmail.com> #68
wo...@gmail.com <wo...@gmail.com> #69
I'd like such feature to be opt-out at least. Or, as suggested, you can censor the contents by replacing (potentially) sensitive information with asterisks (but still opt-out). But I'd actually like to be able to turn this feature off, because I happened to rewrite security code from my watch to the application, without touching the phone.
Moreover, introducing this feature without any kind of warning caused a lot of confusion. I perceived it as some kind of broken functionality in Android, because it never told me, *why* the content is sensitive.
em...@googlemail.com <em...@googlemail.com> #70
jb...@gmail.com <jb...@gmail.com> #71
Tried fixing it as pointed out in reddit, but I cannot find any option for "enhanced notifications" anywhere in settings.
Description
What
User experience
What type of Android issue is this?
Other issue
What steps would let us observe this issue?
What did you expect to happen?
When I receive a notification on my phone, its full contents should be displayed on my Garmin smartwatch, even if the "Sensitive Notifications" toggle is disabled in Android's notification settings. This means the notification content should always be visible on the watch, even when it's hidden in the lockscreen when the phone is locked.
What actually happened?
Starting with Android 15 beta, the watch notification will sometimes show "Sensitive notifications content hidden", meaning only the source app is visible but not the actual notification contents. This doesn't seem to happen with every incoming notification, but I'm unable to identify a consistent way to reproduce the bug. I've also tried enabling the "Sensitive Notifications" toggle, which means they're always visible on the phone lockscreen even when the phone is locked. But the issue also seems to occur occasionally in this scenario.
What was the effect of this issue on your device usage, such as lost time or work?
Moderate
Additional comments
This bug seriously affects the usage of wearable devices, as you can no longer use them for some of their main tasks, such as reading 2-factor authentication codes without having to use your phone.
In my case, I'm using a Pixel 7 Pro paired with a Garmin Forerunner 255S Music watch.
A Reddit thread mentioning this same issue can be seen here, in which at least a user reports this also happening with his Pixel 2 watch:https://www.reddit.com/r/android_beta/comments/1dzx583/garmin_notification_for_otps/
A few things to note just in case they matter:
When
Time and frequency
When did this happen?
Jul 20, 2024 GMT+02:00
How often has this happened?
Frequently
Where
Component
Suggested component: <not visible> (1498455)
Build and device data
- Build Number: google/cheetah_beta/cheetah:15/AP31.240617.009/12094726:user/release-keys
(Note: It is the build when sending this report. For exact build reference, please see the attached bugreport.)
Debugging information
Servicios de Google Play
com.google.android.gms
Version 242663044 (24.26.63 (260400-652952954))
System App (Updated)
Android System WebView
com.google.android.webview
Version 647813433 (126.0.6478.134)
System App (Updated)
Network operator: vodafone ES
SIM operator: Vodafone
Filed by Android Beta Feedback. Version (Updated): 2.43-betterbug.external_20240522_RC03 (DOGFOOD)https://developer.android.com/preview/feedback#feedback-app .
To learn more about our feedback process, please visit