matchboxbananasynergy That's fair. My question was answered days ago actually. I definitely didn't expect a one-liner comment I made then to cause this much engagement.
How does Private Spaces isolation compare to secondary user profile?
- Edited
@matchboxbananasynergy Actually, I wouldn't mind if the VPN-over-VPN discussion was split out into a separate thread from mine, since it had nothing with my thread to do. Many of my questions in my original post is still unanswered, but I guess many would not feel encouraged to answer them even if they know the answer, since there is an unrelated heated debate going on here.
But I guess I will be able to answer most of those questions myself whenever the release is finally made, in case no one actually knows.
12 days later
ignition Chaining VPN connections is supported. Using local filtering at the same time as a VPN is supported. You're simply wrong about these things. Your issue is that you're using apps not supporting it. It has nothing to do with profiles and it wouldn't make any sense for secondary profiles to go through the Owner user VPN as an additional layer. It goes against the whole purpose of profiles of acting as separate devices as well as they can on the same device. Nesting VPNs is entirely possible and something VPN apps can support already. They can provide configuration for this inside the app or simply support chaining through multiple providers as the default approach. Some apps do support this in some form such as bridge support for Tor which is essentially exactly that provided in a specific way.
The current compromise often recommended is a not particularly intuitive hack offered by some firewall apps that have secondary VPN functionality but you forfeit expedient location changes and now have to place your trust in them to not introduce subtle bugs that break the VPN, a big ask for something of secondary concern to them, while they're focused on building out their firewall/dns features. Even worse, this compromise is off the table if you rely on the anti-censorship/obfuscation measures the full VPN provides.
No, there are apps with first class VPN support in addition to first class filtering support. Apps can support chaining VPN connections too. None of this is relevant to profiles and is something VPN apps need to provide. Most of these apps focusing on 1 specific thing instead of providing everything users want from a VPN app is because almost none of them are trying to make a high quality Android VPN app. Most are simply adding Android support to an existing project and use the VPN service feature for it without considering what makes a good Android VPN service app. There are a few apps trying to provide a good Android VPN service app and fulfilling multiple use cases at once.
Rizzler Separate VPN is a major part of why profiles exist.
Probably9857 No need to apologize. The user you're responding to has derailed multiple threads with their grievances about unrelated things, attacking GrapheneOS and other projects for illogical reasons. They were permanently suspended for doing this same thing in another thread in a much more severe way.
Viewpoint0232 You can use both a Private Space and a work profile at the same time so you don't need to choose. Private Space doesn't depend on a management app and provides more built-in functionality since it's not tied to one. It's not currently possible to have multiple Private Spaces but it could be added and it's something we could do in the future, but the UI would need to be figured out to properly differentiate between them in the same way the Private Space is differentiated from a work profile.
GrapheneOS Im just sad that i have to use up more than 3 VPN device slots with my provider just on a single device.
GrapheneOS How similar is the backend code for Private Space compared to work profiles?
- Edited
Rizzler if it really bothers you, depending on what VPN provider you use, you can download an OpenVPN config and use the OpenVPN app.
All VPN providers I have tried, don't bother attempting to limit consecutive OpenVPN connections (at least, not when made in the way described above). It's probably more work than it's worth, I imagine.
I'm not vouching for the speed or the security etc, of this method though. In fact I'm pretty sure the only VPN app advised by GrapheneOS is the Official WireGuard app.
I guess another method could be to use your home router, if it has the functionality. When at home, you could leave all the VPN slots without a VPN and connect your router to a VPN via a downloaded WireGuard config. Then when not at home, you could set up a VPN server on your router and make separate configs for each profile etc etc, I think you get the point by now...
Personally, I like having separate VPN slots for each profile as it helps with keeping them isolated.
@Rizzler mind me asking what VPN you use? Or how much it costs per month?
Edit: Actually, maybe leave it as I'm just going to derail the thread more with stuff that isn't really relevant to the topic. The reason I asked is because I find it hard to believe it could end up costing you that much extra by taking up a couple extra VPN slots
roamer4223 please feel free to delete my last message (and this one) if you feel I have derailed the thread again after the official GrapheneOS account pretty much brought the entire VPN matter to a close. I really didn't think before commenting, sorry
roamer4223 Hey, thank you for the detailed info. I use Mullvad with the WireGuard app. It may actually work with profiles, cuz i don't have two profiles open at the same time usually.
6 days later
Sorry if this has been asked, iv searched and the focus seems to be on VPNs. Can apps communicate between main and private space?
Do you have a source for that? Everything I've seen about it has been kind of ambiguous.
U are right actually, documentation is actually written pretty ambigious. I was under the impression that private space would be an isolated environment. I still assume it is.
I've read https://developer.android.com/about/versions/15/features#private-space.
The private space uses a separate user profile
I assume that apps can't communicate between user profiles, at least not how user profiles are currently implemented in GOS.
The system sharesheet and the photo picker can be used to give apps access to content across spaces when the private space is unlocked.
This is written ambigious in my opinion, is it only system sharesheet and photopicker which can give apps acces to content across spaces? I assume this is only possible after user interaction first? At least i hope so. So can apps communicate, or can they access content after user interaction first. I hope and assume the latter.
Apps in the private space show up in a separate container in the launcher, and are hidden from the recents view, notifications, settings, and from other apps when the private space is locked.
Hmm, only when locked?
When a user locks the private space, the profile is stopped. While the profile is stopped, apps in the private space are no longer active and can't perform foreground or background activities, including showing notifications.
I guess its safe to assume that in a locked state, apps can't communicate between spaces. However i'm not so sure anymore what is actually the case in a unlocked state.
This is based on AOSP, and the implementation in GOS might be slighty different, i.e. more secured.
@Graphene1 Apologies, i should take back that 'no'. I hope a developer can chime in and give a definitive answer.
- Edited
r134a The information I have is that apps cannot communicate between private space and main profile at all, like for separate user profiles, except for three things:
- Clipboard is shared between private space and main profile.
- There is some means of granting apps access to files in the other profile, in a secure and private fashion, using file picker and similar. Meaning you as user must approve it before the app gets any access at all.
- Files can be transferred between profiles in some manner by you as the user, but not by apps.
Apps in the private space show up in a separate container in the launcher, and are hidden from the recents view, notifications, settings, and from other apps when the private space is locked.
r134a Hmm, only when locked?
I feel like this might be an important distinction.
Thinking about this from Google's perspective, they would probably want apps in the private space to be able to communicate with Play Services in the owner profile. If that is the only exception, that is probably prevented on GrapheneOS by running Play Services in the sandbox.
Or would they design the feature in a way that communication is enabled with any app in the owner profile when the Private Space is unlocked?
The developer docs seem to emphasize the use-case of keeping apps hidden from shoulder surfers, snoopers, or someone borrowing your phone, which is probably not the primary concern of GrapheneOS users.
The description sounds the same as the existing "work profile" feature. So: apps can't see each other across profiles and all data (e.g. files, contacts) are separate, but it is possible to manually share some data (e.g. you can make a screenshot and then "share" it with an app in the private space)
Apps in the private space show up in a separate container in the launcher, and are hidden from the recents view, notifications, settings, and from other apps when the private space is locked.
Do u know if apps in main profile can 'see' apps in private space when private space is unlocked?