Can sandboxed Google Play Services collect data from Gboard?

kullanici32 That just doesn't make sense. You seem to think only Play Services can communicate with mutual consent, but this is something that all apps in the same profile can do (with mutual consent).

Google Play Services are sandboxed the same way as all other apps. Singling them out without thinking that other apps (which contain Google libraries) could do the same doesn't make sense.

Our community explaining how things can technically work and what's possible doesn't mean this happens in practice, that it's a significant issue, or that even if you're really worked up about it, you can't work around it, including by using a separate user profile for sandboxed Google Play and some apps.

Also, GrapheneOS is working on App Communication Scopes to prevent this kind of communication even in the same profile.

Going to stock where Google Play has privileged access to your device is shooting yourself in the foot if you're worried about a theoretical.

kullanici32 Just a food for thought. Despite all previously said and although I do not have a proof, do not make a mistake of not thinking that ALL Google apps were not pre-designed to communicate with each other and especially with Google Play Services which won't work without network access and predominantly if not exclusively communicate with Google or affiliate infrastructure. Always assume zero trust.

[deleted] Currently I only use the Google versions of Gcam, Gboard, Photos (for Gcam preview) and Contacts (for setting personalized ringtones), unfortunately there are no alternatives. If I use them without play services, there will be no problem, because none of them will have network permissions.

kullanici32 hint, this is for all those who use G.P.S.

[deleted] Although I do not have a proof, do not make a mistake of not thinking that ALL Google apps were not pre-designed to communicate with each other and especially with Google Play Services [...]

The forum moderators have expressed a distaste for unfounded claims. It is one thing to point out that something is technically possible, as opposed to suggesting, without evidence, that people should "think" certain things are true.

It is reasonable to assume the Google apps are designed to communicate with Google Play Services for the purpose offloading certain common functions. It may allow significant code reuse depending on the implementation. I suspect that Google might use Google Play Services as a central application for sending metadata since that would be a reasonable design pattern, but that is merely speculation. I have no specific evidence.

It is technically possible for all Google apps to be designed to use IPC to bypass network restrictions, but it is a highly niche case. Using other apps to send metadata for all other apps in the case where GPS lacks network permission (a non standard feature) is possible but is an unusual design. I would need evidence before having confidence that Google follows that sort of design.

de0u unless opposite scenario can be confirmed by complete reverse engineering of said software which goes through frequent updates isn't it prudent to be careful and assume that such things happen rather than be sorry later?

[deleted] The really powerful way to stop Google from seeing one's photos is to not use Google Camera. The really powerful way to stop Google from seeing one's contacts is to not use Google's dialer. The really powerful way to stop Google from seeing what one types is to not use Gboard. The really powerful way to stop Google from knowing one's whereabouts is to not use Google Maps for navigation.

Various people suggest various tricks and rituals by which they hope it is possible to share data with Google apps while ensuring Google doesn't get their data.

But on the one hand those suggestions often overlook that many of these applications inherently contain code to buffer data during brief network outages, so turning network access on and off is unlikely to thwart those apps from sneakily sharing data if -- hypothetically -- they contain code to do that.

And on the other hand some Google apps refuse to run without network access, without a Google login, without IPC access to various parts of Google Play, etc.

Do the tips and tricks and rituals work? Would IPC filtering stop undesired assumed-but-never-demonstrated sneaky leaking via IPC while leaving the apps usable?

The really powerful way to avoid Google misusing one's data is to not process the data with Google's apps.

de0u I do not disagree and it is an approach that I have taken and defended for a long while and I am more certain of as the time goes by.

de0u this is all well and nice but the fact that any evidence hasn't been brought forward to date to support this alleged unwanted behaviour (whether it exists or not) doesn't mean that such evidence doesn't exist. A number of people is involved in direct development of this software yet there have been no leaks of source code which could mean that they honour their contractual restrictions or plainly fear for their lives if any such leak occurs. I will go ahead and distrust what I deem should not be trusted and I have full right to my opinion. I am not here to convince anybody to follow my belief just to bring a reasonable doubt. As an analogy, whole governments have been run for centuries on religious beliefs that can not be scientifically proven and it is not at all questioned. Or we follow a officially recommended low fat low cholesterol diet that is making whole populations metabolically ill. Think about it. I am not going to pursue this subject further, I have made up my mind already.

kullanici32 microG however requires signature spoofing. Allowing any app to spoof the signature of an other app is a major security risk, signatures are what the operating system uses to ensure apps and updates haven't been tampered with or infected with malware. I'm sure with that everyone can see why that mechanism wouldn't be allowed on GrapheneOS!

[deleted]

• The fact that any evidence hasn't been brought forward to date that "de0u" isn't an LLM chatbot written by an industrialist cabal to lull people into a false sense of security about big tech products doesn't mean that such evidence doesn't exist. A number of people are involved in direct development of chatbot software yet there there have been no leaks of OpenAI source code which could mean that the developers honor their contractual restrictions or plainly fear for their lives if any such leak occurs.

The problem with that line of argument is that it proves anything equally well (thus, not at all well).

• The fact that evidence hasn't been brought forward to date that Queen Elizabeth II was an invisible trans-dimensional lizard/human hybrid directing the global illegal drug trade doesn't mean that such evidence doesn't exist. A number of people are involved in the global illegal drug trade ... fear for their lives ... etc.

Historically a great way to rank hypothetical possibilities is to see which ones are supported by evidence. With respect to covert malware, there are outfits such as Citizen Lab that specialize in examining evidence of covert malware and reporting when they find evidence of covert malware.

Tryptamine Google is certainly not listening into your conversations!

*on GrapheneOS

de0u exactly. It is much more likely that the absence of evidence is evidence of absence

fyi, removed some discussion and replies about unfounded claims about Google spying to keep things on track.

I feel that OP's answer has been answered many comments ago, so to keep this discussion from going back to unfounded conspiracy theories about Google, I'm going to be locking this thread.