Thanks for the post, I didn't know that apps like Signal or Whatsapp didn't need access to phone permissions and logs to work, so I've done a little clean-up.
I'm really looking forward to seeing the rest of the new features, well done to the GOS team!
I'm also very pleased to see that you're managing your project as you see fit, without any outside influence. Too many projects have lost interest by trying so hard to please everyone.
thank you for the detailed explanation :-)
I am very happy with my GrapheneOS experience. The whole OS works stable and just gets out of my way. Best Phone Experience I ever had.
Perfect, I did it now on viber.
"If you don't want apps having access to this, then simply reject their request for it. If an app insists on having it and won't work without it, use a different app."
A reminder for everyone, this not only applies to your smartphone apps, this concept can be applied to everything you do, pick providers/sellers/businesses that don't try to violate your data and privacy. Example: Applying for sim card? Pick one that don't ask too many details or is doing credit checks
GrapheneOS We have limited development resources and a lot of them need to be spent on maintaining what we already provide and porting to new Android releases. Since we continue to add more features and raise the bar for quality, we have increasingly reduced time for adding new features.
The more features you add, the more time you need to maintain and you need to port to newer android versions...a never-ending vicious circle that is becoming increasingly difficult.
That's why I agree, the features that are implemented should be well thought out and serve the majority rather than a minority
Thank you for this detailed post with helpful information and the insight into which features are currently being worked on.
Thankyou for the detailed post and helpful information, this is informative and well communicated
Thank you for the clear and honest communication. I am very grateful for your time put into this and I totally appreciate your efforts in developing the features you see fit for future releases. Using this amazing software is a privilege, not a right.
Sadly WhatsApp doesn't allow a user to make or even receive voice calls without granting the Phone permission.
I would love to use a different app but too many of my friends are using WhatsApp only.
Is there a known workaround to avoid granting WhatsApp the Phone permission while still being able to make or receive voice calls?
DeletedUser115
maybe not the ideal solution, but have you tried to communicate via WA voice messages instead? initially i was skeptical, but offline communication made my responses much more measured and articulated. my travel phone sim is currently disconnected and is connected to GOS WA via add account feature and chat/voice messages work.
Thanks. Its sad to have clarified but i glad you did it. I always shocked to hear developers getting attacked or harassment.
P.S. Its nice to get a bit of information on what is worked on. I am existed at leased and glad of the work of the team.
GrapheneOS You guys have completely changed my life. As well as many members of my family and friend's lives, in a seriously massive way, by leading the charge and changing the game in the privacy and security world. All of this is given to us for free, which a surprising lot of people seem to forget and act as if they're entitled to something specific that they want without having even donated or contributed in any way.
I used to get annoyed about how WhatsApp won't let you even make/answer calls without the Phone permission. But now I just don't answer WhatsApp calls at all. If I get a missed call, I send them a pre-written message giving a brief explanation as to why I only enable WhatsApp to check messages once a day, then disable it again (something that is made possible/far easier thanks to GOS). I then give them multiple options to contact me on, that are far better for privacy, like Molly/Signal. If they can't be bothered then too bad.
I know the example I gave above, isn't possible for everybody. I know there are people who have to use WhatsApp for their jobs and things like that.
It just frustrates me how GOS has people upset with them because they haven't implemented every single perfect privacy preserving feature in the world yet so people can (in their minds) use seriously invasive apps but not have their privacy invaded at all.
We need to just do our best to not use apps that insult our intelligence by forcing permissions on us in a transparent attempt to get more data from us...
The clipboard control sounds very exciting, as do the other upcoming features!
Thanks as always to the GOS team!
Thank-You for the hard work that is done for GrapheneOS, staying focused on the priorities is key. This approach is much preferred over trying to focus on everyone else's wish list.
GrapheneOS One of our top priorities for privacy is providing control over which apps can read clipboard contents set by other apps when they focused, etc.
Sooooo Good to hear that.
The USB port security and clipboard privacy are main reasons I switch to an alternative OS. Looks like GrapheneOS happen to fulfill both of them.
The previous thread was deleted so I'm re-posting my question here
Are there any other permissions say call logs or SMS, that could lead to the disclosure of sim phone number?
Based on the @GrapheneOS 's previous post, it seems SMS permission will also lead to the disclosure of sim phone number as well
Being able to make a carrier-based call implies being able to obtain the phone number, in the same way as sending a text message implies it. It's straightforward that it would simply give access to it directly too. Even if it didn't, it could be obtained by making a call.
[deleted] The SMS and call log permission groups are regarded by Google as highly sensitive permissions.
See:
So yes, the call log and SMS permissions absolutely do allow the app access to your phone number.
After all, the permissions give the app access to your call logs or your SMS messages, and both those logs contain your phone number within.
I installed a banking app. When I launched it, initially it asked for the Phone permission, and if not given, it would refuse to work. Apparently, one of the permissions under it was CALL_PHONE, which has such a note (read the AOSP permissions manifest):
An app holding this permission can also call carrier MMI codes to change settings such as call forwarding or call waiting preferences.
This is just an expansion on what has been said before. My personal choice was to choose another bank that does not force me to accept this privacy unfriendly permission, even though calls by the app could be made without holding it.
treequell and both those logs contain your phone number within
The call log not only provides access to the incoming and outgoing numbers of the other party but also to the SIM card of the phone itself, I see.
From your link
Apps must be actively registered as the default SMS, Phone, or Assistant handler before prompting users to accept any of SMS or Call Log permissions.
It's strange that the Phone permission prompt doesn't have such requirement, i.e must be actively registered as default SMS, Phone, or Assistant handler. This will eliminate those blocking phone permission prompt like in mysudo or whatsapp
DeletedUser115 Is there a known workaround to avoid granting WhatsApp the Phone permission while still being able to make or receive voice calls?
My current workaround is to have an iPhone for any apps that requires phone/sms/call log permission. On iOS, no app is allowed to ever access sim card phone number/sms/call log regardless of what permission you give, absent of a jailbreak. https://developer.apple.com/forums/thread/16685
@[deleted] Your link is about third party iOS app's access to incoming sms, not about access to the phone number. So is there a real source that "On iOS, no app is allowed to ever access sim card phone number"?
@876fi I also had an android banking app (wallet) that asked for the phone permission. check https://discuss.grapheneos.org/d/14652-does-nfc-payment-apps-need-phone-permission I still got no explanation, why they keep asking for this permission.
@GrapheneOS Thanks for your statement.
