I have been modifying my phone and using custom roms since the days of WM5. When Android came out, and I got a Droid Eris, I immediately started doing the same thing. Back then I did it for fun, until I noticed the push toward information collection from pretty much everywhere. In 2013-2014 I began a privacy journey to keep my information from being stolen from me through my use of any device connected to the internet. My phone left me the most vulnerable.

I started rooting my phone to install custom roms, and use specific tools like Xprivacy, which required Xposed framework. This app "spoofed" my info to keep my real data safe from being leaked to every app on my phone. Rooting my phone also made it much easier to do backups with all device data. Then I started removing Google Play services from modified stock roms when MicroG was first developed. This was the best option I knew to have a little more privacy, but still have functional apps.

Fast forward a few years to when privacy-focused roms are being developed for the Google Pixels (GrapheneOS and CalyxOS). These allowed the bootloader to be locked to keep verified boot. This adds a lot more physical protection, but I was still unclear how these roms protected my device data without it being rooted, Xposed, and with XprivacyLUA installed.

I know there are some tools that do not require root (App-ops and Shizuku Manager) but I think App-ops is closed source which I would like to stay away from.

Until now I am using my Pixel 6 with a privacy focused rom, but I keep it rooted with Magisk, with LSPosed installed, and XprivacyLUA. This makes me feel more secure that my data isn't being leaked, but I am more vulnerable without verified boot, and convenient OTA updates.

I would like to know if anyone has a solution for restricting or feeding apps false information that does not require root. Or does GrapheneOS implement ways to protect personal data and device information from being leaked?

    llll

    GrapheneOS doesn't have a way to send faked data built in.

    There's so much about the rest of your question that it's hard to answer fully. I'd read up on the info on the GrapheneOS website, especially the features page.

    llll ways to protect personal data

    I'd suggest using user profiles for isolating data. You could even make a profile with fake data if you'd like.

    Other things that GOS does that I can think of off the top of my head are: secure app spawning, hardened web browser and Webview (Vanadium), improved Android app sandbox, storage scopes, faster patching/updates...

    llll device information

    I'd read up on two related topics on the website: Hardware identifiers and the following section, non-hardware identifiers.

      18 days later

      I have read through all the Features, Usage, and Release Notes, but there is still somewhat of a gray area as to what information is leaked. I also can't see all the information apps are accessing in the Privacy Dashboard. I can only see what permissions were used.
      App Ops supposedly shows the information that is being accessed but I have never used that app and I am having some difficulty installing it on GrapheneOS. When I used XprivacyLua, I could see exactly what information apps were requesting, and when it was requested. According to XprivacyLua, mostly apps request my SSID, Android ID, Subscription ID, Carrier, BSSID, Bluetooth Name, etc.
      Right now App Ops requires the Shizuku App to be installed and that requires activating Wifi Debugging and pairing the device with a pairing code. I don't know enough about wifi debugging to feel comfortable doing this. Could there be any risks?

        llll I think this topic is excellent. I hope folks with knowledge post to it.

        For me the answer is:

        1. GrapheneOS. My primary concern is avoiding being hacked and I believe GOS is the best of the bunch.
        2. Given GOS, as much as possible I'll have a policy of "no apps".

        Instead of little weather, banking, protonmail, etc. apps, I load Vanadium into my "regular user" along with bookmarks which reference webpages such as local weather, my bank, protonmail, etc. This is definitely not sexy, nor as much fun as having individual apps - but I believe Vanadium does not leak my personal information, and it is a properly hardened app and not an unknown vulnerability (THIS IS IMPORTANT). I don't get push notifications for any of these, so I need to occasionally "check my mail" by refreshing those pages. It is fine!

        The exception to this will be a smart watch. For that I'll have a dedicated secondary user named "watch" which does nothing other than connect to a watch. Which watch? I'll look for one that can be connected to a google-free Gadgetbridge watch "app" on my P7 - likely a Zepp.

        So far no Google anything, though Google knows that my P7 exists because I had to connect to it when I installed GOS, and if I ever use an esim I'll have to connect again (i.e. no esim for me).

        Sigh..... if necessary, I'll sadly install the sandboxed google apps into "watch", but as a last resort. I'll load a bunch of bogus user information into "watch" as well.

        I have no illusions about becoming invisible - I just don't want to make my personal stuff easy for them.

        9 days later

        unwat There's so much about the rest of your question that it's hard to answer fully.

        My specific questions are:
        Am I more vulnerable without verified boot?
        Is there a solution for restricting or feeding apps false information that does not require root?
        Is there a way to see all the information apps are accessing (not what permissions are used)?

        Thanks for your input.

        a year later

        Like the OP, I currently have a rooted (Magisk) device (S20fe), with Xprivacy (Xpy) installed via LSPosed and using Afwall+ for my firewall. But because my banking app, after 10 years of not objecting to root, now does as of an update, I have also started my research and testing of gOS.

        So far I like the idea of the firewall being baked in and not needing root, thus allowing me to use a VPN etc. But I don't like the fact I don't appear to have the same level of granular control that I have with Xprivacy. And as a result I am still bound by whatever permissions are present by the OS only. I've attached 3 screenshots to show the granularity of Xpy.

        Well there might be hope, in the form of LSPosed, LSPatch that appears to work without root - https://github.com/LSPosed/LSPatch. That and XPY has now been superseded by Xpl-Ex - https://github.com/0bbedCode/XPL-EX