this post was submitted on 10 Jun 2024
50 points (100.0% liked)

Privacy

32456 readers
522 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I have been considering replacing my nearly 7 year old iPhone (although very reluctant) and I was checking for options. Really the only phone that caught my eye was the Sony xperia 1 V, but I found no information about how to degoogle and lock down the device. I really like the features and the built in camera apps, etc. Is there a way to degoogle the phone without loosing the funcionality/ease of use?

all 43 comments
sorted by: hot top controversial new old
[–] [email protected] 15 points 6 months ago* (last edited 6 months ago) (2 children)

De-googling inherently causes functionality loss on Android because Google provides a lot of basic services via things like the Google Services Framework. It might be best for you to buy something cheap (secondhand Pixel?), install LineageOS, and then see how you like that before committing to something costly like an Xperia, especially since you're coming from iOS.

[–] [email protected] 15 points 6 months ago (2 children)

The only functionality I've lost after migrating to a Pixel with GrapheneOS is the Android Device Policy (aka Work Profiles, the spyware your employer requires to use certain work apps)

Good riddance if you ask me lol

[–] [email protected] 2 points 6 months ago* (last edited 6 months ago) (1 children)

Quite a lot of apps cease to provide real-time notifications/messages, if they work at all, when Google Play components are not installed under GOS. At the very least, Google Services Framework is required for many mainstream apps.

[–] [email protected] 5 points 6 months ago (1 children)

That's what the Google Play Sandbox is for.

[–] [email protected] 1 points 6 months ago (1 children)

Other ROMs don't have Sandbox.

[–] [email protected] 1 points 6 months ago (1 children)

You do not need the "sandbox" since you can control Google packages permissions using AppOps mechanism. It is the gist of kdrag0n's Sandboxed Play Services. You can manipulate any Android package in any way you want using a privileged AppOps permission controller and firewall with HOSTS or custom domain blocking.

[–] [email protected] 1 points 6 months ago (2 children)

What is Sandboxed Play Services? I've searched for it but I seem to find contradictory information. Looks like a feature that needs to be added explicitly to a ROM by its devs? It seems to have originated with GrapheneOS but there's no mainstream support, in LineageOS for example.

[–] [email protected] 1 points 6 months ago

All I know is that its a feature of GrapheneOS, and is the main reason why I switched over to it.

[–] [email protected] 1 points 6 months ago (1 children)

It originated in kdrag0n's Proton AOSP custom ROM. GrapheneOS just took it and rebranded it as their own invention, like Apple does.

Sandboxed Play Services merely restricts app permissions of Google Play related packages using AppOps mechanism, and probably restricts their networking a little bit. All this can be achieved on any Android phone without rooting or unlocking via ADB/Shizuku and a firewall.

[–] [email protected] 1 points 6 months ago (1 children)

Oh that's interesting. So basically it's just Google apps running in userspace as opposed to system apps, and subject to any restriction you can throw at user apps? I imagine that Xprivacy would work too in that case.

[–] [email protected] 1 points 6 months ago* (last edited 6 months ago)

Pretty much, you understood. This is the kinds of justification I have for fancy custom ROMs like GrapheneOS being the equivalent of snake oil. Some bad actors try to twist it as me being malicious, even though I am just telling the facts about how things really are. They do not make life easier, they do not make privacy easy to attain, they make it harder or impossible to use everyday apps, and they forbid you to question their product or motives. FUCK THAT NOISE.

[–] [email protected] 2 points 6 months ago (1 children)

Does GrapheneOS result in a loss of work profile? That is a massive disadvantage to compartmentalisation of apps. Thanks for letting me know.

[–] [email protected] 3 points 6 months ago (1 children)

It just doesn't allow you to use the Android Device Policy work profile which makes it so you can't log into Slack for work (for example) if it depends on the work policy spyware being active on your phone.

I get that for some people that's a non-starter but for me who vehemently supports and exercises my Right To Disconnect, not having spyware on my phone for work is a good riddance.

[–] [email protected] 1 points 6 months ago* (last edited 6 months ago)

For work you should anyway demand a separate phone from company, or company budget for separate phone. Never run company spyware on your own phone. Tell them you will buy the absolute dirt cheap phone for work purposes, and will not be usable outside of work hours.

[–] [email protected] 5 points 6 months ago (2 children)

Isn’t there maybe a way to keep the factory os and selectively disable google services. Sort of no-script style? Not too familiar with the android ecosystem tbh, other than google is on top of the food chain, haha.

[–] [email protected] 3 points 6 months ago* (last edited 6 months ago)

In principle, one could probably do this to a rooted phone by removing all the Google apps, and all the Google services, and giving up the other apps and services that depend on them. It would be a nontrivial task, and the steps would likely be different for each phone model (and possibly each OS version). I don't know of a project that does this successfully. You might try searching xdaforums.com for someone who has done it.

However, I wouldn't depend on Google services staying disabled when Google still controls the OS.

IMHO, it's safer and easier to replace the entire OS.

[–] [email protected] 13 points 6 months ago* (last edited 6 months ago) (1 children)

I have an Xperia 5 III.

All the Sony Xperia phones consistently & eventually make it to LineageOS mainline (so LineageOS for microG support too), but these ROMs don’t tend to come until near then end of a device’s 2 year warranty. I would assume that this is when they get cheap/used enough that developers can get their hands on them. Sony provides all the tools to unlock so it isn’t difficult or locked behind some centralized server for unlock keys. However, the nice cameras the come with… well you need their proprietary app unfortunately or the camera becomes a plenty bad device with the default LineageOS software.

On the plus side you get to support the only brand still shipping flagships with microSD, a headphone jack, and the ability to unlock bootloader (bonus the the 5s are <6" screens which is rough to find smaller phones now). Google Pixels won’t get you a headphone jack or microSD & Asus Zenfones don’t have unlockable bootloaders.

[–] [email protected] 2 points 6 months ago (1 children)

I have an xperia 1 iii running LineageOS w/microG and I was able to get and install the sony stock Photography Pro, Cinema Pro, and Videography Pro apps, however several features of these apps are missing, such as the ability to do panorama shots and other stuff.

[–] [email protected] 2 points 6 months ago* (last edited 6 months ago)

Yup. That is the tradoff. I’m willing to accept that one.

[–] [email protected] 8 points 6 months ago

You might check xda forums and see if it's capable of flashing a custom ROM. Not sure how much functionality you might forfeit though

[–] simonmicro 5 points 6 months ago

Google for Sony Open Devices. AOSP, but running on Sony devices. While I prefer LOS, SODP is always the beginning to port it from.

[–] [email protected] 2 points 6 months ago* (last edited 6 months ago) (1 children)

DivestOS is the most degoogled (removes the most proprietary blobs) android ROM. See if your device is on this list: https://divestos.org/pages/devices

[–] [email protected] 1 points 6 months ago (1 children)

Seems nice, but no root as far as I've seen, which kills it for ne

[–] [email protected] 2 points 6 months ago

Yeah, any security focused android ROM won't include root because it breaks the android security model. Breaks the ability to have secureboot and system safety checks by apps.

[–] [email protected] -1 points 6 months ago

Glue and ductape