GrapheneOS hat eine neue Sektion auf der Website hinzugefügt: Eine Liste von Apps, die explizit die Nutzung von GrapheneOS über die Play Integrity API blockieren, inklusive Links zu den entsprechenden Play Store-Seiten. 👇
https://grapheneos.org/articles/attestation-compatibility-guide#apps-banning-grapheneos
#grapheneos #android #google
@[email protected]
I used GrapheneOS for several month on my Pixel 6 and switched now to CalyxOS to see the differences.
GrapheneOS is heavily security focused. But Google Play, even in a Sandbox, is a privacy concern for me, because I still can’t really control or see what it’s doing.
CalyxOS is more privacy focused. With MicroG I can see what apps are connected to the Google notification server and even block it. Maps data is from open street maps and not from Google maps.
@[email protected] CalyxOS is far less privacy focused than GrapheneOS. It doesn’t have crucial privacy features such as Contact Scopes, Storage Scopes needed for parity with iOS. It has the leaky network toggles from LineageOS, leaky anti-privacy VPN toggles, still uses multiple Google services by default and gives Google services privileged access within the OS. It has a bunch of privacy issues fixed on GrapheneOS. A recent example we addressed is leaking contacts to hands-free calling Bluetooth devices.
@[email protected] You’re missing that apps using Google Play are running Google Play libraries. The code running within the apps can and does directly contact Google servers. You are not avoiding running and trusting Google Play code by using microG with apps using the Google Play libraries.
GrapheneOS has support for redirecting Google Play APIs to alternate implementations which is what we do with location services by default. That is not exclusive to microG. We will do it with more APIs than location.
@[email protected] You control which apps can contact Google Play services via which ones you install in the same profile, such as putting it into a Private Space. However, each app using it includes the Google Play libraries and does not need to be able to talk to Google Play to use Google services. There is absolutely no requirement to have Google Play to use Google services. That’s a misconception. Many apps use Google services directly including through Google libraries, with or without Play services.
@[email protected] microG also has a bunch of privacy and security weaknesses including data leaks between applications and many holes poked in how the security model is meant to work. It was unacceptable for inclusion in GrapheneOS, so we began making our own compatibility approach in 2021 instead. Since then, we’ve been extending our approach including reimplementing more of the Google Play services and other functionality ourselves. That’s not going to be limited to the current location redirection.
@[email protected] GrapheneOS is in the process of implementing several features within the OS not tied in any way to Google Play compatibility including network location and geocoding. Our approach is implementing the features in the OS in a way that’s not tied to Google Play and then redirecting the Google Play APIs to the OS implementation. We’ll be providing our own implementation of FIDO, passkeys, maps, text-to-speech, voice typing and other features. GrapheneOS doesn’t include Google Play and won’t.
deleted by creator
@[email protected] You’re misunderstanding our sandboxed Google Play approach and what it means for it to be in a sandbox. It is the same app sandbox used for other apps, and they are simply regular apps constrained by the same permission model as everything else including our major improvements to it. Google Play services running on GrapheneOS has 0 additional access to anything compared to the Google Play code running as part of an app like Discord. In fact, it has less access, because it’s separate.
@[email protected] It’s a misconception that we’ve made a special sandbox for running Google Play services. That is not what we provide. There is no special sandbox or modified version of Google Play for GrapheneOS. You can simply install them as regular sandboxed apps with all our usual privacy improvements to the app sandbox and permission model. The feature is a compatibility layer which enables them to work with exactly the same restrictions as other apps that are not granted any permissions by you.
@[email protected] The whole point of this approach is that they have zero additional access compared to the Google Play code running within the apps using them. Those apps can do everything that sandboxed Google Play services can do without it installed. It gives absolutely no extra access or capabilities to the Google Play code that’s running as part of them. Plenty of the Google libraries function fine without Play services and make connections to their services without it. Not everything requires it.
@[email protected] That sounds great. Can’t wait to test this out.
@[email protected]
I’m aware of the fact, that almost all app form the Play Store or Aurora store do have one or more tracker build-in. For this reason I self-host a Adguard Home server and my phone is connected via DoT to this server. It’s unbelievable how many crap is filtered every day.
@[email protected] Those DNS filter lists that you’re using are designed to only block connections to domains not used for anything other than ads or tracking. They deliberately do not block connections to dual-use domains needed for real functionality. That heavily limits what can be done that way. If they did block everything used for tracking then a whole lot of mainstream apps would not work anymore so it wouldn’t be usable or truly useful. Protecting privacy from apps requires permission controls.
@[email protected] Android’s permission controls are not good enough. Apps force you to give media, storage and contacts permissions to use them. iOS has solutions for that and so do we. We’re in the process of adding more of these features for Location (to replace global Mock Location), Microphone, Camera and Phone. This is crucial for privacy. You cannot achieve privacy blocking some connections from the client while still allowing apps to connect to their servers and from there share with any 3rd party.
@[email protected]
You are right. I knew this already. I’m still following you on Mastodon. 😉 But to be honest, people don’t care so much about this important details. People using CalyxOS usually don’t install Google apps or services. CalyxOS uses still Googles time and GPS server, but is stripping out some information. And eSIM aktivaion goes to Google, if I remember right.
@[email protected] Then why are you claiming it offers better privacy than GrapheneOS?
CalyxOS comes with some Google services that it always uses, more than the ones you are listing, and no it does not strip out any information whatsoever.
Aside from that, microG is a privileged implementation of Google services. It does use multiple Google services. Saying people don’t install Google services is meaningless. It comes with them built into the OS with privileged access unavailable to regular apps.
@[email protected] It does not implement basic privacy features needed for parity with iOS. iOS 18 added an equivalent to the core Contact Scopes feature set, just not selecting specific subsets of data. Earlier iOS already essentially had most of Storage Scopes. We also fix some more minor privacy issues needed for parity.
CalyxOS does implement a bunch of misguided changes mainly taken from LineageOS, a lot of which either give a false sense of privacy or even reduce it compared to standard Android.