• Off Topic
  • GOS Single Profile + Google Apps vs Stock Pixel

Asking for a family member who still uses lots of Google apps, has no immediate plans to stop using them, and if they were to switch, would want a simple one profile setup unlike the multiple profile setup I'm using.

Would the remaining privacy and security benefits of switching to GOS be worth it for them?

They plan to keep using:
Play Store
Gmail
Google Contacts
Google Calendar
Google Drive
Google Docs/Sheets
Google Photos
Pixel Camera
Google Maps
Find My Device
Google Earth
Google Messages
Google Dialer
Google Voice
Google News
Google's text to speech synthesizer

On stock, they've already switched to Brave and disabled Chrome. I got them to switch to Heliboard since potential key logging spooked them. And they switched from YouTube to using Newpipe and Brave. They do have Signal installed, but they mostly use RCS/SMS and sometimes WhatsApp.

I understand that play services are sandboxed, but given that they'd likely need to allow almost every permission just to get all of their Google apps working, would that not break the sandbox?

Given that they will lose some features like Google wallet/Pay and RCS potentially, are the remaining GOS benefits worth it for someone like this or should I stop bothering them about it? They don't really use google wallet, but they do use RCS daily, especially in the future since most people they know use iphones.

They don't have a high threat model. They more or less trust Google when it comes to day to day security. Right now, its more of the "creep factor" than anything else. They're comfortable using specific google apps. But they're unsure what else google is getting without their knowledge simply by using an Android phone. With the advent of all this new AI stuff, they're more concerned about device spying and telemetry than they were before. I'm just not sure how much Grapheneos will help in that regard if they "break" the sandbox with so many allowed permissions nor am I familiar with the full scope of what stock pixel is doing in the background compared to GrapheneOS when the same apps are installed.

I understand people will have different thoughts. I'm asking this to gain additional perspectives more so than asking for other people to make a decision on their behalf. I really look forward to reading responses!

  • Edited

I recently asked them to list the reasons they're uncomfortable using stock android. They just responded and here's what they wrote;

"

  • unsure if google can take screenshots of my phone without my knowledge. Microsoft just said they're going to start doing this.

  • unsure if google can see what I'm doing inside my non-Google apps. can they see stuff I'm doing in brave? Can they read my Signal/WhatsApp messages when the apps are open?

  • if I turn my microphone, camera, and location off, is it actually off or is google still secretly listening?

  • if camera and microphone are turned on, but im not actively using them in an app at that moment, is google still recording me? Is it recording me when the phone is locked?

  • can google still log what I type even though I switched my keyboard and voice to text?

  • can google read files stored locally on my phone?"

  • xxx replied to this.

    If they are planning to keep on using Google services, features like Sandbox, Contact Scopes, and Storage Scopes will definitely be beneficial at preserving privacy. Just make sure to keep google from sensitive info by restricting their unnecessary permissions like internet for Pixel camera; camera doesn't need network to operate, and so are many other apps from Google.

    Try to convince to use alternative, privacy respecting services that will not have any impact:

    Play Store - Aurora Store (PS without account) + Obtainium (to download Foss apps from any store with just a link to a repo). Pls note that GOS community recommends not using AURORA if you end up installing GSF anyways to strengthen security.

    Gmail - free Proton or Tuta mails. I believe they have a tool to transfer all mail from Gmail effortlessly.

    Other G apps - restrict to the oblivion and use Web apps where possible (that's a general OPSEC, don't install stuff you don't want on your device). You can do that by going to Gmail website, for example, and clicking there dots on the up right and clicking "Add to Home screen."

    You can freely install Google TTS engine, G keyboard, and G recorder and restrict their internet access to prevent keystrokes from leaving your device. I recommend installing Futa Voice if you don't want to install GS Framework (though I think many proprietary apps will need it be functional)

    It's okay to use one owner profile of it it's such a hustle. Basically the only reason for profiles is to prevent apps from communicating between each other by separating them. In addition, it is simple to wipe the whole profile out in the extreme cases. You can create just one profile for very invasive apps like banking and delivery as they mostly stop functioning if you restrict then in any way.

    And yes, good old Google does spy on you in every possible way in stock. Circle to search and new Find My were the last straw for me

      Using GrapheneOS will probably provide some more privacy. The question as I see it is they don't seem to be willing to adapt to another system and will probably revert back to stock quite quickly because GrapheneOS requires them to renounce whatever feature or gadget, or simply changes the way they do something.

      Sbpr

      I don' t get it Zero trust in the producer but planing on using every service. I think google dialer is not compatible with graphene.

      But with this list they can stay on stock.

      Play Store
      Gmail
      Google Contacts
      Google Calendar
      Google Drive
      Google Docs/Sheets
      Google Photos
      Pixel Camera
      Google Maps
      Find My Device
      Google Earth
      Google Messages
      Google Dialer
      Google Voice
      Google News
      Google's text to speech synthesizer''

      • mmmm replied to this.

        xxx But with this list they can stay on stock.

        Why should they though? Thats strange advice. They dont need to. Most of these shpuld work on GrapheneOS, and with GrapheneOS they have considerable benefits over stock even if using all and only google apps and services.

        Its not what I would what, but one step at a time. At least they're waking up to what's going on.

          • Edited

          mmmm

          OK GrapheneOS is better for sure. But I don t understand people that use 'all' google services despite of having zero trust in the company.

            xxx nor me but its none of my business.

            KontraGoog

            KontraGoog And yes, good old Google does spy on you in every possible way in stock. Circle to search and new Find My were the last straw for me

            Do you have sources or explanation what exactly is wrong with circle to search?