this post was submitted on 10 Jun 2024
50 points (100.0% liked)
Privacy
32456 readers
502 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
You do not need the "sandbox" since you can control Google packages permissions using AppOps mechanism. It is the gist of kdrag0n's Sandboxed Play Services. You can manipulate any Android package in any way you want using a privileged AppOps permission controller and firewall with HOSTS or custom domain blocking.
What is Sandboxed Play Services? I've searched for it but I seem to find contradictory information. Looks like a feature that needs to be added explicitly to a ROM by its devs? It seems to have originated with GrapheneOS but there's no mainstream support, in LineageOS for example.
All I know is that its a feature of GrapheneOS, and is the main reason why I switched over to it.
It originated in kdrag0n's Proton AOSP custom ROM. GrapheneOS just took it and rebranded it as their own invention, like Apple does.
Sandboxed Play Services merely restricts app permissions of Google Play related packages using AppOps mechanism, and probably restricts their networking a little bit. All this can be achieved on any Android phone without rooting or unlocking via ADB/Shizuku and a firewall.
Oh that's interesting. So basically it's just Google apps running in userspace as opposed to system apps, and subject to any restriction you can throw at user apps? I imagine that Xprivacy would work too in that case.
Pretty much, you understood. This is the kinds of justification I have for fancy custom ROMs like GrapheneOS being the equivalent of snake oil. Some bad actors try to twist it as me being malicious, even though I am just telling the facts about how things really are. They do not make life easier, they do not make privacy easy to attain, they make it harder or impossible to use everyday apps, and they forbid you to question their product or motives. FUCK THAT NOISE.