this post was submitted on 10 Jun 2024
50 points (100.0% liked)
Privacy
32456 readers
522 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
De-googling inherently causes functionality loss on Android because Google provides a lot of basic services via things like the Google Services Framework. It might be best for you to buy something cheap (secondhand Pixel?), install LineageOS, and then see how you like that before committing to something costly like an Xperia, especially since you're coming from iOS.
The only functionality I've lost after migrating to a Pixel with GrapheneOS is the Android Device Policy (aka Work Profiles, the spyware your employer requires to use certain work apps)
Good riddance if you ask me lol
Does GrapheneOS result in a loss of work profile? That is a massive disadvantage to compartmentalisation of apps. Thanks for letting me know.
It just doesn't allow you to use the Android Device Policy work profile which makes it so you can't log into Slack for work (for example) if it depends on the work policy spyware being active on your phone.
I get that for some people that's a non-starter but for me who vehemently supports and exercises my Right To Disconnect, not having spyware on my phone for work is a good riddance.
For work you should anyway demand a separate phone from company, or company budget for separate phone. Never run company spyware on your own phone. Tell them you will buy the absolute dirt cheap phone for work purposes, and will not be usable outside of work hours.
Quite a lot of apps cease to provide real-time notifications/messages, if they work at all, when Google Play components are not installed under GOS. At the very least, Google Services Framework is required for many mainstream apps.
That's what the Google Play Sandbox is for.
Other ROMs don't have Sandbox.
You do not need the "sandbox" since you can control Google packages permissions using AppOps mechanism. It is the gist of kdrag0n's Sandboxed Play Services. You can manipulate any Android package in any way you want using a privileged AppOps permission controller and firewall with HOSTS or custom domain blocking.
What is Sandboxed Play Services? I've searched for it but I seem to find contradictory information. Looks like a feature that needs to be added explicitly to a ROM by its devs? It seems to have originated with GrapheneOS but there's no mainstream support, in LineageOS for example.
All I know is that its a feature of GrapheneOS, and is the main reason why I switched over to it.
It originated in kdrag0n's Proton AOSP custom ROM. GrapheneOS just took it and rebranded it as their own invention, like Apple does.
Sandboxed Play Services merely restricts app permissions of Google Play related packages using AppOps mechanism, and probably restricts their networking a little bit. All this can be achieved on any Android phone without rooting or unlocking via ADB/Shizuku and a firewall.
Oh that's interesting. So basically it's just Google apps running in userspace as opposed to system apps, and subject to any restriction you can throw at user apps? I imagine that Xprivacy would work too in that case.
Pretty much, you understood. This is the kinds of justification I have for fancy custom ROMs like GrapheneOS being the equivalent of snake oil. Some bad actors try to twist it as me being malicious, even though I am just telling the facts about how things really are. They do not make life easier, they do not make privacy easy to attain, they make it harder or impossible to use everyday apps, and they forbid you to question their product or motives. FUCK THAT NOISE.
Isn’t there maybe a way to keep the factory os and selectively disable google services. Sort of no-script style? Not too familiar with the android ecosystem tbh, other than google is on top of the food chain, haha.
In principle, one could probably do this to a rooted phone by removing all the Google apps, and all the Google services, and giving up the other apps and services that depend on them. It would be a nontrivial task, and the steps would likely be different for each phone model (and possibly each OS version). I don't know of a project that does this successfully. You might try searching xdaforums.com for someone who has done it.
However, I wouldn't depend on Google services staying disabled when Google still controls the OS.
IMHO, it's safer and easier to replace the entire OS.