• General

  • Please fill in my single missing piece to making Graphene my 100% use tool

davey Yes I understand. For many years I used business calendar too. I only changed it because lack of tasks support for other tasks than google. I made feature requests but they didn't implement it.
Then I found aCalendar+ that is the only calendar that can display tasks.

    davey I understand what sandboxed means.

    With all due respect, I can't help suspecting otherwise.

    davey What i asked is what is sandboxed from what. Is each app sandboxed from each other app, or are all apps in the same sandbox?

    Each app is in its own sandbox. But "sandboxed" does not mean "100% isolated from other apps", for multiple reasons:

    1. In Android, apps are allowed to and expected to share information with each other.
    2. Even if overt channels were all barred, which they are not, there are enough covert channels that one should not assume perfect isolation. As just one example, apps could (slowly) covertly communicate information by modulating their CPU usage.

    davey If the latter, then what is and what is not in the sandbox?

    https://source.android.com/docs/security/app-sandbox
    https://developer.android.com/training/basics/intents/

            davey If each app is in the sandbox, then is vanadium in the same sandbox as the google account? Is everything i access via that browser in the sandbox?

            This question sounds simple, but it isn't. Android is set up so that browsers and apps work together to make things convenient for users. See: https://grapheneos.org/usage#app-link-verification

              davey Where is the boundary?

              There are many boundaries.

              Apps in the same user profile are expected to cooperate, within limitations imposed by the sandbox infrastructure -- each app runs in its own sandbox but is allowed to communicate with other apps. Apps in different user profiles are somewhat isolated, but only somewhat. If a secondary profile is authorized to, apps in it can use the owner profile's contact database and/or call logs, etc.

              The system is complicated -- perhaps too complicated. But any attempt to explain it with one or two simple rules is unlikely to be accurate.

                  de0u What I am really seeking but extremely unlikely to find is a simple 1 paragraph answer to the question: what are the consequences of adding a google account to a graphene phone?

                  But you are providing reading resources which is helpful

                  • de0u replied to this.

                      davey What I am really seeking but extremely unlikely to find is a simple 1 paragraph answer to the question: what are the consequences of adding a google account to a graphene phone?

                      I don't think there can be a short answer, other than maybe: the consequences are 96% the same as adding a Google account on a regular Google Pixel OS phone. Installing Play on a GrapheneOS phone is supposed to enable as much as possible of the Play ecosystem to work.

                      Here is a Google inventory of that ecosystem: https://developers.google.com/android

                      I suspect the part you were recently surprised by is "Play Games Services". But installing the ecosystem means it's all there, and all the apps in the same user profile get to use all of those services.

                        To close off:

                        My current build of my phone has zero Google account info in it, and never has.
                        I use Proton Mail for calendar, and I keep my phone contacts local and backup to Proton Drive sporadically.
                        Apart from the Proton apps, I pretty much have none. If I want to do some banking or whatever, I use a web page rather than an app. No social media or games. Its a phone not a toy.
                        I use Aegis for MFA and I use Catima for tickets.
                        I do use Spotify for music and Google Maps for navigation on Android Auto.
                        If I want to pay I have cash and a card in my wallet which I carry with me.

                        It works really well and I am really happy. This is a solid product that can work well if you adjust your trained expectations of having 100 apps on your phone, all with an amount of telemetry built in.

                          davey

                          On an unrelated note, what is your setup for making/receiving legacy calls and & sms? Do you use a normal carrier SIM card or voip or something else? That has been my struggle as I like to have several phone numbers available to me for different purposes

                            good old fashioned sim card
                            the way voip works over wifi is very cool, but i am on the move a lot and often not in wifi range.

                            21 days later

                            davey Did you ever find a solution to using the Square payments app on GrapheneOS?
                            What happens exactly when you tried using it?

                                FWIW I run Proton VPN 100% of the time, and Android Auto doesn't have any problems with it.

                                Also, I keep all of my contacts in Proton (granted it's a little more work as you have to access them via the mail app). But it does work.

                                  zpunout i have a seperate old google phone that never leaves home and just runs square as needed.

                                  Speeduser7533 i might try that again.