• [deleted]

Hello GrapheneOS,

This also might be a silly question, but does using sandboxed Google Play Store, gps, and gsf totally nullify the privacy and security? I know they are in the app sandbox, but doesn’t it still go to Google servers that so and so is using a Pixel and all that?
I am torn between using sandboxed Play Store or Aurora Store. I know I will need to log in to download apps in the Play Store; I just don’t want to ruin all the work of trying to do better with my security and privacy!

Thanks for any help!

    [deleted] No. In fact, most of GrapheneOS's features improve your privacy and security regardless of the apps you install. Play Services is constrained in the same way as all other apps, so it doesn't inherently come with more privacy or security issues.

    If you're concerned about what information apps can collect, you might want to look at https://grapheneos.org/faq#hardware-identifiers and https://grapheneos.org/faq#cellular-tracking. To answer your question directly, all apps can see the device model, and the Play Store in particular uses that functionality to fetch optimized APKs for your device.

      [deleted] While it doesn't inherently come with 'more' privacy issues, if your overall aim or desire is to reduce to the absolute minimum what data Google has access to, sandboxing them certainly reduces this drastically, but still not to the degree that not running them would. Just be aware that when it comes to privacy it is you, not the OS, that holds the control, because it is down to you what you give it access to and what information you provide them. This includes installing them and letting them see the other apps in the profile, other apps hooking into them, and the ability of apps to use IPC to communicate between each other where both explicitly consent to do so. Controlling privacy is controlling exposure of data. The best way is to use GrapheneOS as is at first use; everything you do from then must be seen as a considered compromise based on your threat model.

      The reason the project provides sandboxed Play Services is to enable everyone to use what they need, how they need to, based on what I said above, using all the tools the OS provides.

      It is for this reason that, for my use case and when asked, I advise using them in a secondary user profile. However, my daily use case permits me to operate a 90/10 split between my non-Google/Play user and my Play Services user.

        • [deleted]

        MetropleX thank you, that was very helpful. If you don’t mind me asking, do you use the sandboxed Google Play Store on your secondary, or something like the Aurora Store?

          [deleted]

          Just to straighten out a few things: while GrapheneOS does a heck of a lot to reduce the security hit of running Google software, ultimately, it can do nothing but open up some additional risk for you.

          So the way I would suggest going about it is this; if you can get by without google services installed, you might as well do so.

            [deleted] I use Play Store logged into a legacy Google account that I use for Family Link purposes; otherwise I would use Aurora.

            abcZ the way GrapheneOS operates sandboxed play services does NOT introduce any security risk.

            The additional risk you mention is ONLY a privacy-related one and is what is mitigated against with our implementation. The level of that risk to your privacy is placed entirely in your hands by the OS, which, as explained, gives you the tools to decide your level of exposure.

            This is all explained in the documentation for them on the website.

              • [deleted]

              MetropleX if you don’t mind me asking, what is a legacy Google account? Like a throwaway account?

                [deleted] I call my old personal account that I used before moving to GrapheneOS with app purchases my legacy account. I have a throwaway for a Labs profile I use to replicate issues to help support and troubleshoot for others on here and other GOS portals.

                  • [deleted]

                  MetropleX this has been very enlightening, thank you so much for your help!

                  MetropleX the way GrapheneOS operates sandboxed play services does NOT introduce any security risk.

                  No, it's not completely removing the security risk, it's reducing the security risk. You're still running closed source software that does whatever the heck Google wants. Yes, you can reduce the data it has access to, but it's still doing something, which I believe is actually why you might install it.

                    abcZ doesn't matter if closed or open source, the apps can't exploit the OS any differently than any other user installed app.

                      MetropleX Who said anything about exploiting the OS? Security means a lot more than that.

                        abcZ Who said anything about exploiting the OS?

                        We are in a 'General' Topic on the GrapheneOS forum with an OP who asked:

                        [deleted] does using sandboxed google play store, gps, and gsf totally nullify the privacy and security

                        If you wish to discuss the issue of security based on your defined scope then a new Off-Topic thread would be appropriate where you can outline the terms of discussion around how you believe using them on GrapheneOS affects your security using it.