Don't send your Google phone in for warranty repair/replacement

  • this is the second one of these that hit HN this week? other was a post deleted from reddit. seems like possible explanations here are:

    - standard 'loveint' at support depts (many companies with personal data have stories about abusing system access to look at personal info of SO / randos)

    - illicit group operating within or adjacent to goog doing some kind of espionage or ransom model

    - google-haters inventing or amplifying a pattern of behavior? (but with what motivation)

    - not obvious if the phones are passwordless, or if insiders are using a 'universal unlock' feature to decrypt pixel devices -- if the latter, is that a bigger story than the stalking?

    if this is only happening to passwordless phones, still an abuse of trust, but I'm okay with 'don't send passwordless phone to support' as a consumer best practice.

  • Off topic: is it just me or is Twitter becoming much more hostile to users who aren’t logged in? I can’t click anything (mobile safari) without being nagged by a modal to sign up/log in.

  • I lost my Google account because of this and no one at Google wants to take accountability for it. Even as a Google One client. I'm afraid of what's going to happen to it because it has my social security attached to its payment profile (business Profile too)

  • As a Pixel user who has sent their device in for repair, how does the repair tech get past the device authentication and into the device? (I'm assuming the user had a device password/passcode set). If possible, this seems like a glaring security issue for Pixel users.

  • According to the Google support site, all Pixels are encrypted by default. So, this shouldn't even be possible...unless perhaps there was no lock code on the device?

  • How do you get a notification for what picture was viewed? I don't see any Google account setting for that.

    That kind of makes me doubt this report, at the very least part of it.

  • Hmm. I wonder how this person got notifications even though their phone was offline to avoid being wiped. I also wonder why this person got notifications. Most services don't send you notifications just because you used a device which is already logged in.

    Complete and total duplicate of https://news.ycombinator.com/item?id=29404954 and again with absolutely no evidence even though there are apparently tons of evidence left by this person doing this with absolutely no caution (security notifications left in trash etc).

  • > The hacker changed my gmail settings to mark all security messages from Google as spam

    The fact that this is possible is a weakness in itself.

    Google security messages should be signed and treated differently by the client & server

  • Although I have no love for Google, claims like this that lack proof or evidence ought to be viewed with great skepticism.

  • It sounds to me like the real story here is how someone was able to access a Pixel that was turned off.

  • Buried in the thread if it was Google Inc.:

    > yes it was the official Pixel warehouse, arranged directly by Google support.

  • More useful takeaway is to have a secure password on your phone. Repair techs aren't able to do anything that a pickpocket couldn't...

  • Doesn't Google allow devices to be de-authorised from an account via a web client? https://myaccount.google.com/device-activity

  • Given I don't have much experience with the Google ecosystem, how does one know which photos were accessed?

    (Not calling her account into question, just curious)

  • They tell you to factory reset the phone before you send it in.

  • This feels way too coincident with her recent book release.

    Given her already public figure persona and proceeds from prior works, why EVER take the risk to ship such personal hardware to a 3rd party?!!

    Just get a new phone and sync a back-up…unless it just might be beneficial PR to, apparently, do the “risky” thing and carp about it.

    So far, I see ZERO corroborating evidence—even something as simple as a suitably redacted screenshot of an email to Google support.

    Trust, but verify & extraordinary claims require extraordinary evidence.

  • I don't have a phone because I have enough trouble keeping my life private from the govt, let alone anyone else in society. It's bad enough science stole my privacy!

    I find phones amusing because of all the trouble and strife they bring.

    There are pros and cons for phones, I get it, but should I be that accessible to anyone who can dial the right number combination or use a war dialler?

  • Well, this should be common knowledge: don't keep personal data on devices.